Nmap Development mailing list archives
Re: Nmap NSE: Bad Behaviour
From: jah <jah () zadkiel plus com>
Date: Fri, 30 May 2008 15:26:45 +0100
Hi again, So first off, my suggestion to change the user-agent to firefox was tongue-in-cheek - I'm sure that was apparent, but I thought I'd better emphasise it in case it gets misconstrued. Second, I hadn't properly looked into bad-behaviour when I posted. It turns out not to be a database and I've not got the Nmap NSE user agent added to one. Bad-behaviour is a php application that performs tests on the HTTP request to block link-spamming. After looking at the source, I saw that the trigger was my Range header value: Range: bytes=0-15 which failed a test, the comment for which reads: // Range: field exists and begins with 0 // Real user-agents do not start ranges at 0 so I changed my Range to begin at 1 and all was cool again. I agree with Benson that we shouldn't, by default, spoof the user-agent for Nmap NSE, but I do like the idea of being able to specify either a random or a particular user-agent from a range of common ones as well as the ability to specify an arbitrary one on the command-line for scripts using the http library. I think a combination of Brandon's and Kris' ideas would be cool. regards, jah _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- Nmap NSE: Bad Behaviour jah (May 29)
- Re: Nmap NSE: Bad Behaviour Brandon Enright (May 29)
- Re: Nmap NSE: Bad Behaviour Kris Katterjohn (May 29)
- Re: Nmap NSE: Bad Behaviour Kris Katterjohn (May 29)
- Re: Nmap NSE: Bad Behaviour bensonk (May 29)
- Re: Nmap NSE: Bad Behaviour jah (May 30)
- Re: Nmap NSE: Bad Behaviour Fyodor (May 30)
- Re: Nmap NSE: Bad Behaviour DePriest, Jason R. (Jun 09)
- Re: Nmap NSE: Bad Behaviour Kris Katterjohn (May 29)
- Re: Nmap NSE: Bad Behaviour Brandon Enright (May 29)