Nmap Development mailing list archives
Re: smbv2-dos.nse
From: Ron <ron () skullsecurity net>
Date: Sat, 12 Sep 2009 11:22:45 -0500
On 09/12/2009 11:14 AM, Kris Katterjohn wrote:
I think it should be, since it's called "all". Just because so far "all" hasn't contained stuff like dos and exploit scripts doesn't mean it shouldn't live up to its name now. Correct me if I'm wrong, but couldn't you do "all and not dos" or something similiar for this effect? If the concern is for users accidently running evil dos and exploit scripts when they specify "all", then I'm not sure what to say. If they're going to blindly run "all" scripts without knowing what they do, then they're just in for trouble anyway. We shouldn't butcher a category like "all", when its name describes it perfectly in 3 letters. All is all. However if you're concerned with the fact that "all" isn't "relatively safe" anymore, so you can't type just 3 letters, I think the boolean rule above will suffice (or we could theoretically create yet another category to work around this, but I don't like that very much). Sorry if I've sounded stern; I've just wanted to get all of this out beforehand in case this discussion takes off :)
Hey Kris I totally see what you mean, and I do agree.That being said, I do worry about people accidentally crashing stuff using my script. I know the first thing I did was run --script=all against a test server when I discovered that scripting exists, and that's fine (crashing test servers is fun :) ). But not everybody is that smart.
When it comes down to it, I can go either way on the issue. Ron -- Ron Bowes http://www.skullsecurity.org/ _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- smbv2-dos.nse Ron (Sep 12)
- Re: smbv2-dos.nse Kris Katterjohn (Sep 12)
- Re: smbv2-dos.nse Ron (Sep 12)
- Re: smbv2-dos.nse Kris Katterjohn (Sep 12)
- Re: smbv2-dos.nse bensonk (Sep 12)
- Re: smbv2-dos.nse Lane Christiansen (Sep 12)
- Re: smbv2-dos.nse Ron (Sep 12)
- Re: smbv2-dos.nse Kris Katterjohn (Sep 12)
- Re: smbv2-dos.nse Fyodor (Sep 13)
- Re: smbv2-dos.nse jah (Sep 13)
- Re: smbv2-dos.nse Patrick Donnelly (Sep 13)
- Re: smbv2-dos.nse Memphis Bytes (Sep 13)
- Re: smbv2-dos.nse Patrick Donnelly (Sep 14)