Nmap Development mailing list archives
Re: New script - http-favicon.nse
From: dave-san <dave () subverted org>
Date: Thu, 06 Nov 2008 21:26:10 -0700
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Sullo wrote:
First off let me say I'm happy to contribute the current db signatures to nmap's nse script for this--permission is granted from me/CIRT, Inc., for the database as it exists today (version 2.003). The restricted license on Nikto's db files is to prevent commercial abuses of the datbases, and several people can attest that I've allowed them to be used (with permission) in other OSS projects. ********************** However, I wanted to comment on a few messages that I read here that have a bit of a cavalier attitude towards respecting licenses.
I meant no offense, and certainly didn't mean to imply that I don't respect the licensing.
Maybe they are willing to contribute it to nmap?I'd say it is likely, though it is probably unecessary.I'm not sure how to take that. Licenses must be respected--so it is definitely necessary. It doesn't matter if the license is OSS or something really draconian--it needs to be followed (or challenged in court, I guess!).
My mistake.. I think a bit of that was taken out of context, I didn't mean to say that the LICENSING was unnecessary if the db was used from Nikto. Rather, I was speaking in terms of the concept of generating a new hash database, (which might make the licensing unnecessary since the database would be generated here).
Well, I just fired off an email to a friend of mine who contributedthe hash information to Nikto and Nessus, and he said it was fineto use them. I'll have him post directly to the list if that'll help.To be clear, that only applies to what he originally sent. He can't grant relicense to Nikto or Nessus data directly. Since I know that more than one person has contributed to Nikto's, that means not all of them (but see above). ********************** As I said from the start, I'm happy to contribute and am glad the licensing discussion came up, but I want everyone to recognize that just because something is open source/gpl for the code, it does not mean the same applies to databases. Additionally, even if it *is* oss/gpl, it does not mean licenses can be ignored. Maybe I'm reading too much into the mails?
Not at all; I should be more clear.
Anyway, sorry this was a bit OT. Regards, Sullo
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFJE8NiQykzwGjPFpsRAvDdAJ4/3cBKAXoLORE7NXrMvEMnZTKeKACeMbfs eoKP+5xN58Eh3vgVrQcPiJ8= =25Bs -----END PGP SIGNATURE----- _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- New script - http-favicon.nse Vlatko Kosturjak (Nov 06)
- Re: New script - http-favicon.nse Kris Katterjohn (Nov 06)
- Re: New script - http-favicon.nse dave-san (Nov 06)
- Re: New script - http-favicon.nse Vlatko Kosturjak (Nov 06)
- Re: New script - http-favicon.nse dave-san (Nov 06)
- Re: New script - http-favicon.nse dave-san (Nov 06)
- Re: New script - http-favicon.nse Sullo (Nov 06)
- Re: New script - http-favicon.nse dave-san (Nov 06)
- Re: New script - http-favicon.nse Sullo (Nov 06)
- Re: New script - http-favicon.nse dave-san (Nov 06)
- Re: New script - http-favicon.nse Kris Katterjohn (Nov 06)
- Re: New script - http-favicon.nse Vlatko Kosturjak (Nov 06)
- Re: New script - http-favicon.nse Kris Katterjohn (Nov 06)
- Re: New script - http-favicon.nse Vlatko Kosturjak (Nov 06)
- Re: New script - http-favicon.nse Kris Katterjohn (Nov 06)
- Re: New script - http-favicon.nse Vlatko Kosturjak (Nov 06)
- Re: New script - http-favicon.nse Brandon Enright (Nov 06)
- Re: New script - http-favicon.nse Vlatko Kosturjak (Nov 07)