Nmap Development mailing list archives
Safe and Intrusive Category confusion
From: Patrick Donnelly <batrick () batbytes com>
Date: Sat, 19 Sep 2009 02:41:07 -0400
I just was recently looking through some of the scripts' categories and found some inconsistencies. Some of our scripts do not have an intrusive or safe category. In previous discussions [1], the general consensus was that safe and intrusive would be mutually exclusive categories and each script would be in one of these two categories. I did a check through our scripts to see which scripts were not safe and not intrusive: batrick@batbytes:~/nmap/svn/nmap/scripts$ cat <(grep categories *.nse | grep safe) <(grep categories *.nse | grep --invert-match intrusive) <(grep categories *.nse | grep version) | sort | uniq -u asn-query.nse:categories = {"discovery", "external"} auth-spoof.nse:categories = {"malware"} daytime.nse:categories = {"discovery"} dhcp-discover.nse:categories = {"default", "discovery"} finger.nse:categories = {"default", "discovery"} http-favicon.nse:categories = {"default", "discovery"} http-headers.nse:categories = {"discovery"} http-malware-host.nse:categories = {"malware"} http-trace.nse:categories = {"discovery"} http-userdir-enum.nse:categories = {"discovery"} imap-capabilities.nse:categories = {"default"} irc-info.nse:categories = {"default", "discovery"} pop3-capabilities.nse:categories = {"default","discovery"} realvnc-auth-bypass.nse:categories = {"default", "vuln"} smtp-open-relay.nse:categories = {"demo"} smtp-open-relay.nse:-- * Fixed tags -> categories (reported by Jason DePriest to nmap-dev) smtp-strangeport.nse:categories = {"malware"} sniffer-detect.nse:categories = {"discovery"} ssh-hostkey.nse:categories = {"safe","default","intrusive"} (I edited one extraneous line out and one should note that the last script, ssh-hostkey.nse is both safe AND intrusive??). I want to go ahead and fix these scripts but wanted to make sure that having each script be "safe" XOR "default" is the way to go? Also, I think we need to be more strict with category assignment (possibly construct a more thorough description and requirements document?) before acceptance into the trunk, just like NSEDoc. Some scripts have only one category when they could fit in several (and some are in the wrong categories, like ssh-hostkey.nse). [1] http://seclists.org/nmap-dev/2008/q2/0680.html -- -Patrick Donnelly "Let all men know thee, but no man know thee thoroughly: Men freely ford that see the shallows." - Benjamin Franklin _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- Safe and Intrusive Category confusion Patrick Donnelly (Sep 18)
- Re: Safe and Intrusive Category confusion Ron (Sep 18)
- Re: Safe and Intrusive Category confusion David Fifield (Sep 22)
- Re: Safe and Intrusive Category confusion Ron (Sep 22)
- Re: Safe and Intrusive Category confusion Kris Katterjohn (Sep 22)
- Re: Safe and Intrusive Category confusion David Fifield (Sep 22)
- Re: Safe and Intrusive Category confusion Kris Katterjohn (Sep 22)
- Re: Safe and Intrusive Category confusion Fyodor (Sep 23)
- Re: Safe and Intrusive Category confusion David Fifield (Sep 27)
- Re: Safe and Intrusive Category confusion Patrick Donnelly (Sep 28)
- Re: Safe and Intrusive Category confusion Fyodor (Sep 28)