Re: [RFC] Default NSE Scripts

[Brandon Enright <bmenrigh () ucsd edu>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Thu, 15 May 2008 00:10:37 -0500 or thereabouts Kris Katterjohn
<katterjohn () gmail com> wrote:

> Unless there is any objection, I'm going to remove the "Recursion not
> enabled" from the script because it does add unnecessary clutter to
> the output (even completely aside from the Default-worthiness of it).

I agree that this is a good idea.  I'd prefer most scripts to not
output anything on failure.  In this case, it isn't failure as much as
it is the "take no action" state.

> 3/7 isn't bad, so I think it is still OK for Default with the above
> removed.  What do you guys think?
>
> Thanks,
> Kris Katterjohn

So I have a question about shortport from the script:

portrule = shortport.portnumber(53, "udp")

Is shortport for UDP == "open" or is it == "open|filtered"?  The docs
don't say and I haven't dug into the code.

If it is "open|filtered" we shouldn't include it by default.  If it is
"open" I think we should.  I suppose that would most likely require -sV
to have determined the port is open but that shouldn't be that big a
deal.

The script output is valuable enough that I'd like it to run by default
if port 53 has already been flagged as open.

Brandon

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (GNU/Linux)

iEYEARECAAYFAkgryAgACgkQqaGPzAsl94IpPQCgo6r8soU24VnhRFopuaW7ySzh
T/EAn3QZd9VHht52n0lAmtA0U+XQTaRG
=Xn24
-----END PGP SIGNATURE-----

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org