Re: [RFC] NSE Re-categorization

["DePriest, Jason R." <jrdepriest () gmail com>]

> I like to be sure :)
>
> How do you feel about the actual re-categorized list I posted?
>
> > -Jason
>
> Thanks,
> Kris Katterjohn

What might be nice is a hierarchy to show which safer tests are
subsets of more "dangerous" or at least more involved tests.

Something like this:


                                /-> malware->\
                               /              \
safe --> discovery --> version --> vuln ----->|-> intrusive
                               \              /
                                \-> auth --->/

with demo and default on their own

A script like netbios-smb-os-discovery.nse does a lot of work.  It's
almost intrusive, but probably just a discovery.

The diagram helps me figure out where it should go and "version" seems
fine in that context since it does more than a simple discovery and
you don't want to run it without asking for version detection.

I also don't understand the benefit of having a script that is
"intrusive" also be a "discovery" scan.  If it is "intrusive" then I
don't want it running if I am only asking for "discovery."

They should be either "discovery" and relatively benign or "intrusive"
and used with intent.

Explain the logic between having a script in both categories.  Maybe I
just don't "get it."

-Jason

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org