Re: Nmap script ideas wiki

[Ron <ron () skullsecurity net>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Tue, 15 Mar 2011 20:14:29 +0200 Toni Ruottu <toni.ruottu () iki fi> wrote:
> The problem
> present in many of them is that the protocol may be really open and
> powerful, so deciding how far to go in the scan is hard. 
That's a good question, and one that I run into a lot. 

What I typically do with Nmap is go as far as I am reasonably able to. That's what differentiates Nmap from other 
scanners like Nexpose, Nessus, etc - Most security scanners are simply concerned with find out if a vulnerability 
exists or not, and perhaps proving it, then generating a report and letting the user/customer/whoever know how 
vulnerable they are. 

Nmap scriptings, on the other hand, are extensions to nmap's probing techniques. I see them as a way to get 
additionally data/information from a host that may interest the scanner (whether they're a pentester, etc). 

So, IMO, you should go as far as you can. 

Ron
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.17 (GNU/Linux)

iEYEARECAAYFAk2A4a8ACgkQ2t2zxlt4g/QZhgCfUPgHLB8/DCGzM8dXeiJZfevt
4x4AnijNl/3A/xW3xYb8U/jX01bKHnHY
=znel
-----END PGP SIGNATURE-----
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/