Re: [RFC] Default NSE Scripts

[Kris Katterjohn <katterjohn () gmail com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Fyodor wrote:
> Does anyone have concrete reasons why it is important to enumerate the
> full list of supported SSL2 ciphers?  If not, I suggest that we change
> the script to only print those in debugging mode or when verbosity
> level is at least 2.  With that change, I think it is reasonable to
> keep the script default.

I've committed the patch for this and added to Default.  Aside from
SMTPcommands being changed (which can wait and be moved over later), are
there any other outstanding issues with the current list below?

What about dns-test-open-recusion as Jah mentioned?


Default:

* anonFTP
* dns-test-open-recursion - Is this useful often enough?
* finger
* ftpbounce
* HTTPAuth
* HTTP_open_proxy
* MSSQLm
* MySQLinfo
* nbstat
* RealVNC_auth_bypass
* robots
* rpcinfo
* showHTMLtitle
* showOwner
* SMTPsysdesr
* SSHv1-support
* SSLv2-support
* UPnP-info

Non-Default:

* bruteTelnet - Too intrusive and slow
* chargenTest - Obscure / "demo"
* daytimeTest - Obscure / "demo"
* echoTest - Obscure / "demo"
* HTTPpasswd - A bit too intrusive and probably not useful enough
* HTTPtrace - Not default material
* iax2Detect - "version"
* ircServerInfo - I don't think this is default material (but I'm also
not an IRC user)
* ircZombieTest - "malware"
* kibuvDetection - "malware"
* netbios-smb-os-detection - I want this to be default, but it's "version"
* PPTPversion - "version"
* promiscuous - I don't think it's useful enough
* ripeQuery - Abusive to RIPE
* showHTTPversion - Obscure / only category is ""
* showSMTPVersion - Obscure / "demo"
* showSSHVersion - Obscure / "demo"
* skype_v2-version - "version"
* SMTPcommands - Too much output currently
* SMTP_openrelay_test - "demo" because of "real hostname" issue
* SQLInject - Obvious reasons  :)
* strangeSMTPport - Obscure / "backdoor"
* xamppDefaultPass - "vulnerability"
* zoneTrans - Just doesn't seem like default material IMO


> Cheers,
> -F

Thanks,
Kris Katterjohn

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iQIVAwUBSCsOHv9K37xXYl36AQIeHhAArnzZmJFaFFruPoTffVM0DLEqnAHewL2E
j3xgFwNgPqaq5pYs+mN1zomkDjUFNlhyeI/+ynRFPPRE3VjBC9OhmHG+wL13qBR7
AryH1q5iMi9SDYxatiaQa1IEOjQaN55Cq1gdff0V56A99qwFH5BDJq3FALmhhVUY
hZHmBkgB6ZpXP+yGyZENtIXxp9nGsj9LCrDmx7Ug9DrXdFQ7bY4zb79MCaSfiWTP
tyhdiHNNWRDeLIvv0+28cS3hexD4BkvYzlbCL9Fa9FCSwDOMDj5D+wpFoeVINkVp
FMkjue0PnCxJJWnnPX4bt2tgIAsI+y9OgWCGAqTbgM44Qdbzfi9fAFts+a0j+bth
qcfXLfsSGY7A/EHOYeerZCGA8v8ck39magqcd/M1ACgdC4xKs0l1TwuhSLYZK54B
pwImg1j5r88Y9XVs9fC4l1EDXkB/HflWoA/yNcN3hqt2tOeqzAdIYlNsJhqwaeiR
4IZimOh3aXy6zwpIMOW016yQ2Cs3ojcvjIyUH7eIWHilIhdjEgAkGhcvn6jN9qwu
Q+8yJK4xu65LNujcV+fVbdUV1wJD0fIxsrIhxvaO8E9B4/BFs8XPHlwVV5UxtXnu
ZBEIYMLDSqMFpSnmuhO/3O/iNqNZiyveZiuYOVHh6iEb0dVZqLnWRtracllcdmAM
utgJK/fCv3w=
=G8wa
-----END PGP SIGNATURE-----

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org