Nmap Development mailing list archives
Re: NSE: tor-consensus-checker
From: Daniel Miller <bonsaiviking () gmail com>
Date: Fri, 20 Mar 2015 23:16:33 -0500
Jiayi, Thank you for this script! It definitely shows a good understanding of the Lua language and NSE in particular. Please refer to https://nmap.org/soc for details on applying to Nmap for GSOC 2015. Regarding your script, I think a few modifications are in order: 1. Instead of relying on the http library cache to reduce the number of requests to the Tor directory nodes, the script should have its own cache. This would preferably be a table so that IP lookups can happen quickly. As written, your script checks linearly through each large consensus document, each of which is mostly a duplicate of the others. 2. stdnse.format_output is deprecated; it is much simpler to just return a string. 3. If the consensus servers cannot be reached, then a verbose message (stdnse.verbose or stdnse.print_verbose) should be given once, and the hostrule should return false to prevent the script from running. Producing script output (by returning a string) for every target with a failure is probably too much output. Looking forward to seeing your application. Dan On Sun, Mar 15, 2015 at 9:22 PM, Jiayi Ye <yejiayily () gmail com> wrote:
Hi there, I am interested in getting involved in GSoC 2015. And I get started with writing a nse about tor-consensus-checker. The description is from https://secwiki.org/w/Nmap_Script_Ideas#tor-consensus-checker and the nse is attached. Thanks, Jiayi Ye _______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
_______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- NSE: tor-consensus-checker Jiayi Ye (Mar 20)
- Re: NSE: tor-consensus-checker Daniel Miller (Mar 20)