Nmap NSE: Bad Behaviour

[jah <jah () zadkiel plus com>]

Hi all,

I knocked-up a quick script to test for bad anchors on an html page
yesterday.  I found that the HEAD request I was using was unreliable - I
was getting status code 200 where a GET request for the same resource
would return 404 - so today I've been trying to use the Range: header to
get a few bytes of the resource and speed-up GET's.  A link I tested
yesterday returned a different status today.  Namely "400 - Bad Behaviour".
It seems I've managed to get "Nmap NSE" into a database of unwanted
User-Agents for http://www.bad-behavior.ioerror.us/.  Here's the link to
the "Technical Support" information:
http://www.ioerror.us/bb2-support-key?key=d49f-5f73-7ad0-4a8a
and I quote:
"You accessed the Web site using software which is banned due to
malicious activity associated with that software. Uninstall it from your
computer and contact the software's author for assistance. In the
meantime, you may access the site using different software, such as
Firefox."

There's always one that spoils it for the many, huh.  Sorry about that.

May I suggest that the HTTP library user-agent be changed to:
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-GB; rv:1.8.1.14)
Gecko/20080404 Firefox/2.0.0.14

In the meantime, I've uninstalled Nmap from my computer and I'm
contacting its author for assistance.


jah

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org