Nmap Development mailing list archives

Re: smbv2-dos.nse

From: Fyodor <fyodor () insecure org>
Date: Sun, 13 Sep 2009 02:41:13 -0700

On Sat, Sep 12, 2009 at 11:14:30AM -0500, Kris Katterjohn wrote:


We shouldn't butcher a category like "all", when its name describes it
perfectly in 3 letters.  All is all.


I agree, but I also think Ron makes a great point that users may
(wrongly) assume that --scripts=all is reasonably safe to run since
the documentation mentions the feature in several places but never
mentions any risks.  So I've added a warning to refguide and
scripting.xml that --script=all can be dangerous since Nmap may
contain exploits, denial of service attacks, brute force
authentication crackers, and other dangerous scripts.

Cheers,
-F

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org

Current thread:

smbv2-dos.nse Ron (Sep 12)
- Re: smbv2-dos.nse Kris Katterjohn (Sep 12)
  - Re: smbv2-dos.nse Ron (Sep 12)
    - Re: smbv2-dos.nse Kris Katterjohn (Sep 12)
    - Re: smbv2-dos.nse bensonk (Sep 12)
    - Re: smbv2-dos.nse Lane Christiansen (Sep 12)
  - Re: smbv2-dos.nse Fyodor (Sep 13)
    - Re: smbv2-dos.nse jah (Sep 13)
    - Re: smbv2-dos.nse Patrick Donnelly (Sep 13)
    - Re: smbv2-dos.nse Memphis Bytes (Sep 13)
    - Re: smbv2-dos.nse Patrick Donnelly (Sep 14)
- Re: smbv2-dos.nse Patrick Donnelly (Sep 13)