Nmap Development mailing list archives
Re: quake3 opportunistic portrule
From: Toni Ruottu <toni.ruottu () iki fi>
Date: Mon, 25 Apr 2011 17:01:31 +0300
I thought the probe would still be useful for people who compile nmap without scripting support. Do we need to worry about such users? On Tue, Apr 19, 2011 at 12:59 AM, David Fifield <david () bamsoftware com> wrote:
On Sat, Apr 09, 2011 at 01:48:11AM +0300, Toni Ruottu wrote:I am reopening this old topic. We added a probe for detecting quake3-master servers. We decided we should not add another probe for detecting Dpmaster as it is just a specific implementation. I am thinking of writing a dpmaster-version script that would run against quake3-master servers, and check whether that server is Dpmaster or not. Does this make sense? With the script we do not need to add probes that get sent against all targets. Instead we can only run version detection against ports that have already been identified as quake3-master.I appreciate what you're saying, but I'd like to take it in a different direction. How about deleting the Quake3_master_getservers version probe and replacing it with quake3-master-version.nse instead? I don't want a dpmaster-version.nse script. The principle should be generality: one probe (or script) to distinguish a variety of servers, not a separate test for each one. If the portrule for the version script is as strict as the current list of ports for Quake3_master_getservers, it's not a big problem. David Fifield
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Re: quake3 opportunistic portrule Toni Ruottu (Apr 08)
- Re: quake3 opportunistic portrule David Fifield (Apr 18)
- Re: quake3 opportunistic portrule Toni Ruottu (Apr 25)
- Re: quake3 opportunistic portrule David Fifield (Apr 25)
- Re: quake3 opportunistic portrule Toni Ruottu (Apr 25)
- Re: quake3 opportunistic portrule David Fifield (Apr 18)