Nmap Development mailing list archives
Re: [RFC] Vulnerability library proposal
From: Djalal Harouni <tixxdz () opendz org>
Date: Mon, 8 Aug 2011 15:08:45 +0100
Christian,

On Mon, Aug 08, 2011 at 09:58:05AM +1000, Christian Heinrich wrote:
> Djalal,
>
> On Sun, Aug 7, 2011 at 9:40 AM, Djalal Harouni <tixxdz () opendz org> wrote:
> > It would be really great if we can have suggestions from pen-testers
> > and from people that integrate and use Nmap in their security tools.
> > Thanks in advance.
>
> http://dradisframework.org/ integrates nmap (XML) and they offer a

I've just learned about the 'dradisframework', thanks. Yes, after a quick look it seems that there are a lot of options and tools, and the framework can also import output data from other projects.

> similar concept i.e. http://securityroots.com/vulndb/

We are designing this NSE vulns library to be flexible, so users can use their own DB like this 'Vuln::DB' or the 'OSVDB' etc. Perhaps Nmap will even have its own database? We'll just use the DB IDs of the vulnerabilities to parse and reference entries. If these DBs can be exported in the CSV format then it will be really easy to parse them in Lua. The idea is taken from Marc Ruef's vulscan script [1]; the script compares Nmap -sV results with the OSVDB data and tries to report vulnerabilities. This library will unify the output and the internal data of these vuln scripts, and will try to offer some facilities to parse all the discovered vulnerabilities.

> > - "Risk factor": if present then show it (optional).
>
> Would this be the "Base Metrics" from CVSSv2?

Actually, I was thinking that the "Risk factor" will be similar to the "Risk factor" of OpenVAS. In his email, Rob Nicholls noted that we should also print CVSS and CVSSv2 if they are present, and we'll do it. Of course this information should be provided by vulnerability scripts, and we'll make it optional; we want a flexible library.

> > - "References": reference links (optional).
>
> nmap could use a single reference value, such as CVE #. The other
> references (i.e. blogs, advisories, etc) could be retrieved when the
> results from Nikto, skipfish, etc are consumed, such as when they are
> uploaded to http://dradisframework.org/
>
> However, it would assist with error checking/quality if nmap also
> mentioned these values.
>
> > - "Description": vulnerability description (optional).
>
> This could be obtained in real time with http://scap.nist.gov/

This information should also be provided by scripts and they can use their preferred way to get it. However, this type of script will be 'external' and I don't think that they will be included by default in Nmap, but anyone is free to write, adapt and submit his own scripts. We can perhaps have an 'external' scap-vuln-description.nse script that will fetch the standard descriptions of all the discovered vulnerabilities and update the internal data of the vulnerability library.

Thanks Christian.

[1] http://seclists.org/nmap-dev/2010/q2/726

--
tixxdz
http://opendz.org
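
The CSV idea from the message above, sketched as a standalone Lua example added here (it is not code from the post, from vulscan, or from Nmap's NSE libraries): it parses a CSV export, indexes entries by DB ID, and prints the optional fields only when they are present. The column names, the sample rows and the function names (`parse_csv_line`, `load_db`, `report`) are assumptions made for illustration.

```lua
local SAMPLE_CSV = [[
id,title,risk_factor,cvss,description
OSVDB:0001,"Example FTP daemon, ""remote"" overflow",High,9.3,Constructed entry
OSVDB:0002,Example web server info leak,,,
]] -- constructed sample export: column names and both entries are made up

local function parse_csv_line(line) -- handles "quoted, fields" and "" escapes
  local fields, pos = {}, 1
  while pos <= #line + 1 do
    if line:sub(pos, pos) == '"' then
      local i, q = pos + 1, nil
      repeat -- closing quote is the first '"' that is not doubled
        q = line:find('"', i, true)
        if not q then return nil, "unterminated quoted field" end
        i = q + 2
      until line:sub(q + 1, q + 1) ~= '"'
      fields[#fields + 1] = (line:sub(pos + 1, q - 1):gsub('""', '"'))
      pos = q + 2
    else
      local comma = line:find(",", pos, true) or (#line + 1)
      fields[#fields + 1] = line:sub(pos, comma - 1)
      pos = comma + 1
    end
  end
  return fields
end

local function load_db(csv) -- index rows by DB ID; empty columns stay nil
  local db, header = {}, nil
  for line in csv:gmatch("[^\r\n]+") do
    local f = parse_csv_line(line)
    if f and not header then
      header = f
    elseif f and #f == #header then -- malformed rows are skipped
      local entry = {}
      for i, name in ipairs(header) do if f[i] ~= "" then entry[name] = f[i] end end
      if entry.id then db[entry.id] = entry end
    end
  end
  return db
end

local function report(v) -- optional fields are shown only when present
  local out = v.id .. ": " .. (v.title or "(no title)")
  for _, k in ipairs({ "risk_factor", "cvss", "description" }) do
    if v[k] then out = out .. ("\n  %s: %s"):format(k, v[k]) end
  end
  return out
end
for _, v in pairs(load_db(SAMPLE_CSV)) do print(report(v)) end
```

The parser works line by line, so quoted fields that contain embedded newlines are not supported; rows with an unterminated quote or the wrong column count are dropped rather than half-loaded, since the export is external data.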