Nmap Development mailing list archives
Re: [NSE] external category anticipated load
From: John Bond <john.r.bond () gmail com>
Date: Fri, 20 Apr 2012 00:30:07 +0200
Hi David, On 19 April 2012 21:45, David Fifield <david () bamsoftware com> wrote:
On Wed, Apr 18, 2012 at 11:50:57AM +0200, John Bond wrote:Hello Nmap hackers, I am have written a script which makes use of an external service. The script would be a replacement/compliment to asn-query, targets-asn and whois. however there is worry that the increased load would take down the service. in an effort to try and gauge this i wanted to ask if there is anyone here who would be able to give a good estimate of the number of requests one should expect to see from a script placed in the safe, external and discovery category.So what's the problem exactly? This some new third-party service that aggregates the information already available from different sources? And this new service can't handle as much traffic as those other sources, but might be more convenient because it gives all the answers at once?
The third party has all the data of these plugins plus a few more; however the service provider is unsure how much traffic it can take. they want to support the plugin but want to test their infrastructure first to ensure it is capable of handeling the load. I suspect/hope if it is not they would increase performance so it could.; however they would not want to release a tool which caused there site to go down and there for had an effect on their reputation
Another concern raised by the service provider was that they would have a record of everyone nmap user that used there service (i.e. web logs). Is this a genuine worry, has it come up before for other external services?That's why the external category exists. Any of the externals services we use could potentially be logging everything. It's a bit worse if this new service is set up exclusively for Nmap use; then it's likely that any query the service receives was also the target of a port scan.
that is what i assumed. the service is not set up exclusively for nmap so thats not a problem. I assumed that was what the external category was for however most external scripts are also in other categories e.g. safe, discovery. My personal optinoin is people should not be running script categories unless they know, or have a good idea of the type of scripts they are running. But i wanted to get the opinion of others
Finally the service provider would want to include, in the output, a line stating that the results were provided by them. Would this be acceptable?Speaking for myself, I would find that annoying.
I agree, and think this could end up being a crippling punch, although it could be negociable cheers John _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- [NSE] external category anticipated load John Bond (Apr 18)
- Re: [NSE] external category anticipated load David Fifield (Apr 19)
- Re: [NSE] external category anticipated load John Bond (Apr 19)
- Re: [NSE] external category anticipated load Fyodor (Apr 21)
- Re: [NSE] external category anticipated load John Bond (Apr 23)
- Re: [NSE] external category anticipated load David Fifield (Apr 19)