Re: [RFC] Default NSE Scripts

[Fyodor <fyodor () insecure org>]

On Sat, May 10, 2008 at 05:02:06PM -0500, Kris Katterjohn wrote:
> Well, by "generally useful" I mean that quite a bit of people will find
> it useful.  It produces interesting output for a protocol/service that's
> not obscure so that it is /generally/ useful.

Yes, though I think obscure service scripts are great to have by default as long as they only run when that service is 
present.  Scripts should only be denied for obscurity if they consume time, output lines, or other resources in cases 
where the service/issue is not present.

> > > * finger
> > Isn't finger a bit obscure now?
>
> It is, but I see finger running often enough that I think it's a good
> default (though it's not terribly popular either).

This is one of those issues where finger.nse is useful when finger is
available, and doesn't hurt anything when it isn't.  The script only
runs if port 79 (or any port detected as "finger" by service
detection) is open.  So even if finger is considered obscure, it is
ueful to have this script IMHO for those times it is running.  And if
finger isn't running, the script doesn't run either.  So it doesn't
hurt anything in that case.

Cheers,
-F

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org