Re: quake3 opportunistic portrule

[Toni Ruottu <toni.ruottu () iki fi>]

I thought the probe would still be useful for people who compile nmap
without scripting support. Do we need to worry about such users?

On Tue, Apr 19, 2011 at 12:59 AM, David Fifield <david () bamsoftware com> wrote:
> On Sat, Apr 09, 2011 at 01:48:11AM +0300, Toni Ruottu wrote:
> > I am reopening this old topic. We added a probe for detecting
> > quake3-master servers. We decided we should not add another probe for
> > detecting Dpmaster as it is just a specific implementation. I am
> > thinking of writing a dpmaster-version script that would run against
> > quake3-master servers, and check whether that server is Dpmaster or
> > not. Does this make sense? With the script we do not need to add
> > probes that get sent against all targets. Instead we can only run
> > version detection against ports that have already been identified as
> > quake3-master.
>
> I appreciate what you're saying, but I'd like to take it in a different
> direction. How about deleting the Quake3_master_getservers version probe
> and replacing it with quake3-master-version.nse instead? I don't want a
> dpmaster-version.nse script. The principle should be generality: one
> probe (or script) to distinguish a variety of servers, not a separate
> test for each one.
>
> If the portrule for the version script is as strict as the current list
> of ports for Quake3_master_getservers, it's not a big problem.
>
> David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/