Re: [RFC] NSE Re-categorization

[Fyodor <fyodor () insecure org>]

On Fri, Jun 13, 2008 at 01:07:10AM +0100, jah wrote:
> On 12/06/2008 23:07, Kris Katterjohn wrote:
>
> So I think that either intrusive should include scripts that are
> intended to crash services (all in the name of securing ones own
> network, of course) or perhaps there should be a category for "exploits"
> to include scripts that actively exploit vulnerabilities and could crash
> a service or cause an sysadmin alarm - even if the intention is merely
> to detect a vulnerability.

Good point.  We don't have any scripts intended to crash services now.
But if we ever were to add such a script, I'd argue for some sort of
"dos" category.  A script which performas a SYN scan or tries to crash
a certain service goes beyond what I would normally think of even as
"intrusive", IMHO.

Exploits is another interesting category.  If we had actual exploits
like you find in Metasploit, they might fit well in such a category.
Our brute force authentication scripts sort of fit the bill, but it
sounds like we'll probably have a more specific category for them.

So I think both of these are good potential categories, but I don't
think we should add any categories unless we have at least one script
included which will use them.  And I don't know of any DoS or exploit
scripts right now.

> It looks good.  Using Informational and adding Exploits, you even get a
> handy Mnemonic: VICED VIMS (from latin: Grasp with Vigour).

Heh :).

Cheers,
-F

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org