Nmap Development mailing list archives
Re: NSEC Enumeration script
From: David Fifield <david () bamsoftware com>
Date: Mon, 28 Feb 2011 16:15:19 -0800
On Sat, Feb 26, 2011 at 01:11:34PM +0100, John Bond wrote:
On 26 February 2011 10:27, David Fifield <david () bamsoftware com> wrote:I also removed anything I was unsure was necessary, again with the goal of having a simpler script. For example, I removed the special wildcard detection because I wasn't having a problem without it and I suspected it may have been necessary because of a bug elsewhere. It's possible I'm wrong about this, so please test it with the environment that was giving you trouble before.I am still having problems with this, ill send you the domain im using of list. once i have digested all your changes ill try adding a better fix like i said in the comments the detection i added was only a hack so i will try and adapt the dns library.
Thanks, I tried the domain you gave me and got an infinite loop on a wildcard too. I edited the script to check for a NSEC record before checking whether the query succeeded, and also made it use the lower-level retPkt structures to get at the extra information we need. It stopped the loop in this case, at least. Please give r22408 in /nmap-exp/david/nmap-nsec.
one miner thing i noticed in your comments you referenced the rfc for domain labels but you missed one, not sure if this is the best text to quote though RFC 2782 Service The symbolic name of the desired service, as defined in Assigned Numbers [STD 2] or locally. An underscore (_) is prepended to the service identifier to avoid collisions with DNS labels that occur in nature.
Thanks, I just added that one. David Fifield _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Re: NSEC Enumeration script, (continued)
- Re: NSEC Enumeration script John Bond (Feb 15)
- Re: NSEC Enumeration script John Bond (Feb 24)
- Re: NSEC Enumeration script David Fifield (Feb 26)
- Re: NSEC Enumeration script John Bond (Feb 26)
- Re: NSEC Enumeration script John Bond (Feb 26)
- Re: NSEC Enumeration script David Fifield (Feb 26)
- Re: NSEC Enumeration script David Fifield (Feb 26)
- Re: NSEC Enumeration script John Bond (Feb 26)
- Re: NSEC Enumeration script John Bond (Feb 26)
- Re: NSEC Enumeration script David Fifield (Feb 26)
- Re: NSEC Enumeration script David Fifield (Feb 28)
- Re: NSEC Enumeration script John Bond (Mar 09)
- Re: NSEC Enumeration script David Fifield (Mar 14)
- Re: NSEC Enumeration script Patrik Karlsson (Mar 15)
- Re: NSEC Enumeration script John Bond (Mar 15)
- Re: NSEC Enumeration script David Fifield (Mar 15)
- Re: NSEC Enumeration script John Bond (Mar 15)
- Re: NSEC Enumeration script David Fifield (Mar 24)
- Re: NSEC Enumeration script John Bond (Mar 25)
- Re: NSEC Enumeration script John Bond (Mar 25)
- Re: NSEC Enumeration script David Fifield (Mar 26)