Nmap Development mailing list archives
Re: [BUG] Exclusions directive not honored by NSE version detection
From: Fyodor <fyodor () insecure org>
Date: Mon, 24 May 2010 13:32:17 -0700
On Sat, May 22, 2010 at 01:37:36PM -0500, Tom Sellers wrote:
> To me it would make sense if ports flagged in Exclude directive were excluded from both normal version scanning as well as script version scanning. While I could see an argument for scripts not being subject to this due to being able to include better logic, it would seem that every script in the Version category would have to keep in mind that some ports (which may change in the future) should not be scanned unless you really know how to handle them.
I agree that "version" category scripts should not be scanning excluded ports. How that should be implemented (e.g. NSE infrastructure or logic in the scripts/libraries) is debatable. I think I favor script/library logic (with Nmap exporting the list of excluded ports, of course) since we only have 6 "version" scripts, and other scripts might be interested in which ports are excluded in the future too.

Another thing we could consider is changing the "excluded ports" to mean that these ports cannot be WRITTEN to. That would allow version detection (and NSE) to connect to TCP ports and do the "Null probe" where they just listen for a banner. Our only excluded ports after all these years are the HP JetDirect printer TCP ports, and I don't think (but could be wrong) that those cause problems when you just connect to them. The issue is that when you send any data, it gets printed as-is. What a terrible protocol!

The Exclude directive is an unfortunate hack to get around retarded HP printers. I hope one day HP will fix their products and we'll be able to remove the exclude directive entirely.

Cheers,
Fyodor
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
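The two meanings of "excluded" weighed in the message above, sketched as an added example (not Nmap's code and not from the thread). The names `parse_exclude` and `probe_action` and the policy labels are hypothetical, the sample directive line is constructed, and a `T:`/`U:` prefix is assumed to apply only to its own list item.

```python
import re

def parse_exclude(line):
    """Parse an 'Exclude <portspec>' line into {'tcp': set, 'udp': set}."""
    m = re.match(r"\s*Exclude\s+(\S+)\s*$", line)
    if not m:
        raise ValueError("not an Exclude directive: %r" % line)
    excluded = {"tcp": set(), "udp": set()}
    for item in m.group(1).split(","):
        protos = ("tcp", "udp")          # no prefix: both protocols
        if item[:2] in ("T:", "U:"):     # assumption: prefix covers this item only
            protos = ("tcp",) if item[0] == "T" else ("udp",)
            item = item[2:]
        lo, _, hi = item.partition("-")
        lo, hi = int(lo), int(hi or lo)
        if not (0 < lo <= hi <= 65535):
            raise ValueError("bad port range: %r" % item)
        for proto in protos:
            excluded[proto].update(range(lo, hi + 1))
    return excluded

def probe_action(excluded, port, proto, sends_data, policy="skip"):
    """Decide whether a version probe or version-category script may run.

    policy "skip":     excluded ports are never touched (current meaning).
    policy "no-write": excluded ports may be connected to and listened on
                       (the NULL-probe case), but nothing may be written.
    """
    if port not in excluded[proto]:
        return "run"
    if policy == "no-write" and not sends_data:
        return "run"
    return "skip"

# Constructed sample line in the directive's syntax, not read from a real file.
SAMPLE = "Exclude T:9100-9107"
EXCLUDED = parse_exclude(SAMPLE)

if __name__ == "__main__":
    for policy in ("skip", "no-write"):
        for sends in (False, True):
            print(policy, "sends_data=%s" % sends,
                  probe_action(EXCLUDED, 9100, "tcp", sends, policy))
```

Under either policy, anything that writes to an excluded port is skipped; the policies differ only for a listen-only banner grab.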