Nmap Development mailing list archives

Safe and Intrusive Category confusion


From: Patrick Donnelly <batrick () batbytes com>
Date: Sat, 19 Sep 2009 02:41:07 -0400

I just was recently looking through some of the scripts' categories
and found some inconsistencies. Some of our scripts do not have an
intrusive or safe category. In previous discussions [1], the general
consensus was that safe and intrusive would be mutually exclusive
categories and each script would be in one of these two categories. I
did a check through our scripts to see which scripts were not safe and
not intrusive:

batrick@batbytes:~/nmap/svn/nmap/scripts$ cat <(grep categories *.nse | grep safe) \
    <(grep categories *.nse | grep --invert-match intrusive) \
    <(grep categories *.nse | grep version) | sort | uniq -u
asn-query.nse:categories = {"discovery", "external"}
auth-spoof.nse:categories = {"malware"}
daytime.nse:categories = {"discovery"}
dhcp-discover.nse:categories = {"default", "discovery"}
finger.nse:categories = {"default", "discovery"}
http-favicon.nse:categories = {"default", "discovery"}
http-headers.nse:categories = {"discovery"}
http-malware-host.nse:categories = {"malware"}
http-trace.nse:categories = {"discovery"}
http-userdir-enum.nse:categories = {"discovery"}
imap-capabilities.nse:categories = {"default"}
irc-info.nse:categories = {"default", "discovery"}
pop3-capabilities.nse:categories = {"default","discovery"}
realvnc-auth-bypass.nse:categories = {"default", "vuln"}
smtp-open-relay.nse:categories = {"demo"}
smtp-open-relay.nse:--   * Fixed tags -> categories (reported by Jason DePriest to nmap-dev)
smtp-strangeport.nse:categories = {"malware"}
sniffer-detect.nse:categories = {"discovery"}
ssh-hostkey.nse:categories = {"safe","default","intrusive"}


(I edited one extraneous line out and one should note that the last
script, ssh-hostkey.nse, is both safe AND intrusive??). I want to go
ahead and fix these scripts but wanted to make sure that having each
script be "safe" XOR "default" is the way to go?

Also, I think we need to be more strict with category assignment
(possibly construct a more thorough description and requirements
document?) before acceptance into the trunk, just like NSEDoc. Some
scripts have only one category when they could fit in several (and
some are in the wrong categories, like ssh-hostkey.nse).

[1] http://seclists.org/nmap-dev/2008/q2/0680.html

-- 
-Patrick Donnelly

"Let all men know thee, but no man know thee thoroughly: Men freely
ford that see the shallows."

- Benjamin Franklin

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
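
An added example, not part of the original post or of Nmap itself: the same audit as the grep pipeline above, written as a function that reads only the real `categories = {...}` assignment in each script and reports scripts carrying neither or both of safe and intrusive. The function names, the two `constructed-*.nse` files and the skipping of version scripts are assumptions; the sample files are constructed stand-ins using category lines quoted in the post.

```bash
#!/usr/bin/env bash
# Added example (not from the original post): audit safe/intrusive categories.

# has_cat LINE NAME: succeeds if NAME appears as a quoted string in LINE.
has_cat() {
    printf '%s\n' "$1" | grep -q "[\"']$2[\"']"
}

# audit_categories DIR: print "<script>: neither" or "<script>: both" for each
# *.nse file whose categories table lacks exactly one of safe/intrusive.
audit_categories() {
    local dir="$1" f line name
    for f in "$dir"/*.nse; do
        [ -e "$f" ] || continue
        name=${f##*/}
        # Match only the assignment, so comment lines such as the
        # "Fixed tags -> categories" changelog entry are ignored.
        line=$(grep -E '^[[:space:]]*categories[[:space:]]*=' "$f" | head -n 1)
        # Assumption: version scripts are skipped, like the third grep above.
        if has_cat "$line" version; then continue; fi
        if has_cat "$line" safe && has_cat "$line" intrusive; then
            echo "$name: both"
        elif ! has_cat "$line" safe && ! has_cat "$line" intrusive; then
            echo "$name: neither"
        fi
    done
}

# make_sample_dir: create constructed stand-ins for a few scripts and print
# the directory path. Category lines for the first three are from the post.
make_sample_dir() {
    local d
    d=$(mktemp -d)
    echo 'categories = {"discovery"}' > "$d/daytime.nse"
    echo 'categories = {"safe","default","intrusive"}' > "$d/ssh-hostkey.nse"
    printf '%s\n' '--   * Fixed tags -> categories' 'categories = {"demo"}' \
        > "$d/smtp-open-relay.nse"
    echo 'categories = {"default", "safe"}' > "$d/constructed-safe.nse"
    echo 'categories = {"version"}' > "$d/constructed-version.nse"
    echo "$d"
}

sample=$(make_sample_dir)
audit_categories "$sample"
rm -rf "$sample"
```

Pointing `audit_categories` at a real scripts directory gives a list that can be rechecked after each fix or before a new script is accepted.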

