Re: [PATCH] showOwner.nse script causing infinite loop

[Brandon Enright <bmenrigh () ucsd edu>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Sat, 24 May 2008 18:56:27 -0700
Fyodor <fyodor () insecure org> wrote:
...snip...
> I do think that, perhaps, this script should be modified to still
> allow open|filtered for TCP ports.  And then, if it gets a positive
> response for a port from identd, maybe it should then mark the port as
> open.  That could be useful in some situations.
>
> Cheers,
> -F

Sorry to revive a somewhat old conversation.  With the amount of
fake ident out there I think it would be a mistake to naively trust the
results.

Here is an example I just ran into:

$ telnet <host> 113
Trying <host>...
Connected to <host>.
Escape character is '^]'.
1,1
1 , 1 : USERID : JAVA : Webchat User
Connection closed by foreign host.

I can't remember the last time I saw a properly behaving ident service
on campus.

If the NSE script tries to connect to all the 'open|filtered' ports
that could take much longer than just doing -sC or -sS.  Probably not
the job for an NSE script.

Brandon

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (GNU/Linux)

iEYEARECAAYFAkg/THsACgkQqaGPzAsl94IkgACeMiPYcJcM8tW5k8PayL3PvtAC
zJMAnjMKwkAbfjFKS6J6sqD6mertkcSP
=UoXA
-----END PGP SIGNATURE-----

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org