Nmap Development mailing list archives
Re: [nmap-svn] r21603 - nmap/todo
From: Fyodor <fyodor () insecure org>
Date: Mon, 10 Jan 2011 14:13:18 -0800
On Sun, Jan 09, 2011 at 08:54:15PM -0800, David Fifield wrote:
On Tue, Jan 04, 2011 at 06:11:52PM -0800, commit-mailer () insecure org wrote:+o A trivial change: we currently print some lines about NSE + pre-scanning and post-scanning in verbose mode even when no such + scripts are being run. We should not print those in that case. For + example, nmap -A -v scanme.nmap.org gives me these superfluous lines: + NSE: Starting runlevel 1 (of 2) scan. + Initiating NSE at 18:09 + NSE: Script Pre-scanning. + Completed NSE at 18:09, 0.00s elapsed + NSE: Starting runlevel 2 (of 2) scan. + Initiating NSE at 18:09 + NSE: Script Pre-scanning. + Completed NSE at 18:09, 0.00s elapsed + [...] + NSE: Starting runlevel 1 (of 2) scan. + Initiating NSE at 18:09 + NSE: Script Post-scanning. + Completed NSE at 18:09, 0.00s elapsed + NSE: Starting runlevel 2 (of 2) scan. + Initiating NSE at 18:09 + NSE: Script Post-scanning. + Completed NSE at 18:09, 0.00s elapsedI removed the messages Initiating NSE at 18:09 Completed NSE at 18:09, 0.00s elapsed when there are no scripts to be run. The others are more difficult, because when we enter a run level we don't yet know how many scripts will be run. It used to be the case that we loaded all the script instances in advance, but we now load them on demand in chunks to bound memory use. http://seclists.org/nmap-dev/2010/q4/308. It confuses the control flow somewhat, but I'm thinking about buffering these messages and only showing them once the first script will be run. That can have the weird side effect that some runlevels may be announced when others aren't, for example: NSE: Starting runlevel 1 (of 4) scan. NSE: Starting runlevel 2 (of 4) scan.
Thanks David, that helps. Maybe we don't need to print the runlevel stuff in plain verbose=1 mode anyway? For debugging, that information can be useful. But for a simple -v scan, it is probably enough to just say that nse scanning is starting, then do the whole NSE scan (or pre-scan or post-scan, including all runlevels), and then print that it has completed. Ideally the message will only print for an NSE phase if there is at least one script action being run. Verbosity (-v) is one of the most common options used with Nmap, so we need to be extra careful about what we print there. I'm not quite as concerned with -d and multiple -v levels. Cheers, Fyodor _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Re: [nmap-svn] r21603 - nmap/todo David Fifield (Jan 09)
- Re: [nmap-svn] r21603 - nmap/todo Fyodor (Jan 10)
- Re: [nmap-svn] r21603 - nmap/todo David Fifield (Feb 05)
- Re: [nmap-svn] r21603 - nmap/todo Fyodor (Jan 10)