Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Adding "dangerous" checks?

From: Ron <ron () skullsecurity net>
Date: Mon, 03 Nov 2008 17:50:17 -0600
Michael Pattrick wrote:

I cant comment on the legallity, but from [0]:

intrusive
    These are scripts that cannot be classified in the safe category because the risks
are too high that they will crash the target system, use up significant resources on
the target host (such as bandwidth or CPU time), or otherwise be perceived as
malicious by the target's system administrators.

...

vuln
    These scripts check for specific known vulnerabilities and generally only report
results if they are found.


Since these categories pretty much state that they will cause damage
to the target, I think it is ok to create a script that crashes a host
as long as it is labeled properly.

Cheers,
Michael

[0] http://nmap.org/book/nse-usage.html#nse-categories


You're right, it's reasonable in that sense. On the other hand, if
somebody is going to run something that has a reasonable (>10%? >5%?)
chance of crashing a system hard, there should be a little more warning.
For example, dangerous checks won't run unless they specify a special
parameter enabling them (--scripts-args=unsafe=true). Or do you guys
think doing that's redundant with the safe/intrusive categories?

Legally, I'm not really worried. People can use whatever I write for
good or for bad, that's their call. I'm more worried about people
accidentally breaking stuff.

Ron


-- 
Ron Bowes
http://www.skullsecurity.org/
http://www.javaop.com/

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
Previous By Date Next
Previous By Thread Next

Current thread: