Nmap Development mailing list archives
Re: [NSE] ms-sql scripts and library updates merged
From: Chris Woodbury <woodbusy () gmail com>
Date: Tue, 29 Mar 2011 17:10:48 -0500
Sorry also for the long delay. My vote is for taking Fyodor's option #3 and changing the host rule (patch attached) so the script runs if

1) SQL Server instance discovery has already been performed and instances were found, OR
2) One of the instance-targeting script args (e.g. mssql.instance-name) was specified, OR
3) A SQL Server-related port (1434/udp, 1433/tcp, smb.get_port()) was scanned and was not closed.

This keeps a pretty handy info-gathering script as a default when it's applicable, but hopefully keeps it from running too often when it's not. What are your thoughts?

-chris

On Mon, Mar 28, 2011 at 6:08 PM, Patrik Karlsson <patrik () cqure net> wrote:
> On 2011-03-19 21.45, Fyodor <fyodor () insecure org> wrote:
>
>> On Sat, Feb 26, 2011 at 11:50:25PM +0100, Patrik Karlsson wrote:
>>
>>> Hi all, I just merged the work Chris Woodbury and I have been doing on the ms-sql branch.
>>
>> This is exciting stuff! But I noticed some unfortunate performance characteristics in certain scans due to the way that ms-sql-discover and ms-sql-info are in the "default" category and have hostrules which basically match every host. So say I want to scan for web servers and run the default web-related scripts against them. I might do:
>>
>> ./nmap --datadir . -p80 -Pn -n -v --open -T4 -sC scanme.nmap.org/24
>>
>> This took 120 seconds in the run I just did. But almost all of this time is actually from ms-sql-*. If I change -sC to "--script default and not ms-sql-*" to exclude the sql scripts, it takes less than 7 seconds.
>>
>> I'm not sure of the best solution. Options include:
>>
>> o Remove these scripts from "default"
>> o Make mssql.SCANNED_PORTS_ONLY default behavior (so it looks at the port state of common ms-sql ports rather than trying to query all hosts)
>> o Or maybe there are other ways to make it more selective or faster?
>>
>> What do you think?
>>
>> Cheers,
>> Fyodor
>
> Sorry for not getting back to you on this. As I haven't had the time to come up with a better solution, I propose we remove it from default for now. Anyone disagree?
>
> //Patrik
Attachment: ms-sql-info_hostrule.patch
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
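The three-way host rule Chris describes above, written out as an NSE hostrule. This is an added illustration, not the ms-sql-info_hostrule.patch attached to the message (the archive does not reproduce it). It uses the NSE calls named on the page (nmap.get_port_state, smb.get_port, stdnse.get_script_args, the mssql.instance-name argument); the helper names mssql.Helper.WasDiscoveryPerformed and mssql.Helper.GetDiscoveredInstances and the extra argument names mssql.instance-all and mssql.instance-port are assumed from Nmap's nselib/mssql.lua and are not on the page.

```lua
-- Added example of the proposed ms-sql-info host rule (not the thread's patch).
-- Assumed, not on the page: mssql.Helper.WasDiscoveryPerformed, mssql.Helper.GetDiscoveredInstances,
-- and the script args mssql.instance-all / mssql.instance-port.
local mssql  = require "mssql"
local nmap   = require "nmap"
local smb    = require "smb"
local stdnse = require "stdnse"

-- True only if the port was actually scanned (get_port_state returns nil otherwise)
-- and the observed state is not "closed". This is what makes a -p80 scan cheap:
-- none of the SQL Server ports are in the scan, so every lookup is nil.
local function scanned_and_not_closed(host, number, protocol)
  local port = nmap.get_port_state(host, { number = number, protocol = protocol })
  return port ~= nil and port.state ~= "closed"
end

-- Condition 1: discovery already ran on this host and found at least one instance.
local function instances_already_discovered(host)
  return mssql.Helper.WasDiscoveryPerformed(host)
     and mssql.Helper.GetDiscoveredInstances(host) ~= nil
end

-- Condition 2: the user explicitly pointed the scripts at an instance.
local function instance_args_given()
  return stdnse.get_script_args({ "mssql.instance-all",
                                  "mssql.instance-name",
                                  "mssql.instance-port" }) ~= nil
end

-- Condition 3: a SQL Server related port was scanned and was not closed:
-- SQL Browser (1434/udp), the default TCP listener (1433/tcp), or SMB (named pipes).
local function sql_port_scanned(host)
  if scanned_and_not_closed(host, 1434, "udp") then return true end
  if scanned_and_not_closed(host, 1433, "tcp") then return true end
  local smb_port = smb.get_port(host)
  return smb_port ~= nil and scanned_and_not_closed(host, smb_port, "tcp")
end

hostrule = function(host)
  return instances_already_discovered(host)
      or instance_args_given()
      or sql_port_scanned(host)
end
```

Two design notes. First, the three conditions are combined with OR exactly as listed, so a host where discovery ran and found nothing can still be selected if the user passed mssql.instance-name; if that is not wanted, condition 1 should short-circuit to false instead. Second, "not closed" as written admits "filtered" ports; a stricter rule would also require the state to differ from "filtered", which avoids waiting on timeouts against hosts a firewall is silently dropping.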
Current thread:
- [NSE] ms-sql scripts and library updates merged Patrik Karlsson (Feb 26)
- Re: [NSE] ms-sql scripts and library updates merged Chris Woodbury (Feb 28)
- Re: [NSE] ms-sql scripts and library updates merged Fyodor (Mar 19)
- Re: [NSE] ms-sql scripts and library updates merged Patrik Karlsson (Mar 19)
- Re: [NSE] ms-sql scripts and library updates merged Patrik Karlsson (Mar 28)
- Re: [NSE] ms-sql scripts and library updates merged Chris Woodbury (Mar 29)