Re: [NSE Script] MySQL Server Information

[Kris Katterjohn <katterjohn () gmail com>]

jah wrote:
> I think that this thread is getting difficult to follow! ;)
>
>  From my point of view I think it's clear that an ideal would be to have 
> one script, which defaults to the "safe" mode of gathering information, 
> but which can also be stepped-up to be more intrusive should the user 
> require it.  Otherwise we'd have a brute-force script that did exactly 
> the same as the info script (with, obviously, the bruting too) and that 
> seems rather counter-intuitive.  Much better, I think, to have all the 
> functionality in one script and a) not needlessly introduce code 
> redundancy and b) not needlessly increase the amount of network activity 
> in such cases (for example) where all scripts are run.
>
> For now though the current script is very useful and stands alone.  In 
> the future (and assuming that MySQLinfo is checked-in), it might be 
> replaced with a script that increases the functionality, but behaves the 
> same in it's default mode.

Yeah, that sounds good.  We can work with Thomas on the improved script; 
remember, it requires the SSL bindings.

For now though, if anybody thinks so and I'm given the go I'll commit 
the new script as-is.  Unless we have any other suggestions! :)

> And here's a mad thought, there could be a complete overhaul of the 
> script category framework which would allow a modifier category of some 
> kind:
>
> categories = {"safe", "discovery"}
> modified-by = {"intrusive", "vulnerability"}
>
> so that a script in the above categories would behave safely if a script 
> scan called for safe and discovery scripts, but would behave more 
> intrusively if a scan called for intrusive and vulnerability scripts.
>
> hmmmmm, what thinketh youeth?

That sounds like a really cool idea

> jah

Thanks,
Kris Katterjohn

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org