Re: NSE: tor-consensus-checker

[Daniel Miller <bonsaiviking () gmail com>]

Jiayi,

Thank you for this script! It definitely shows a good understanding of the
Lua language and NSE in particular. Please refer to https://nmap.org/soc
for details on applying to Nmap for GSOC 2015.

Regarding your script, I think a few modifications are in order:

1. Instead of relying on the http library cache to reduce the number of
requests to the Tor directory nodes, the script should have its own cache.
This would preferably be a table so that IP lookups can happen quickly. As
written, your script checks linearly through each large consensus document,
each of which is mostly a duplicate of the others.

2. stdnse.format_output is deprecated; it is much simpler to just return a
string.

3. If the consensus servers cannot be reached, then a verbose message
(stdnse.verbose or stdnse.print_verbose) should be given once, and the
hostrule should return false to prevent the script from running. Producing
script output (by returning a string) for every target with a failure is
probably too much output.

Looking forward to seeing your application.

Dan

On Sun, Mar 15, 2015 at 9:22 PM, Jiayi Ye <yejiayily () gmail com> wrote:

> Hi there,
>     I am interested in getting involved in GSoC 2015. And I get started
> with writing a nse about tor-consensus-checker. The description is from
> https://secwiki.org/w/Nmap_Script_Ideas#tor-consensus-checker and the nse
> is attached.
>
> Thanks,
> Jiayi Ye
>
> _______________________________________________
> Sent through the dev mailing list
> https://nmap.org/mailman/listinfo/dev
> Archived at http://seclists.org/nmap-dev/
_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/