Nmap Development mailing list archives
Re: [RFC] Default NSE Scripts
From: Kris Katterjohn <katterjohn () gmail com>
Date: Fri, 16 May 2008 17:00:53 -0500
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 jah wrote:
On 14/05/2008 17:06, Kris Katterjohn wrote:I've committed the patch for this and added to Default. Aside from SMTPcommands being changed (which can wait and be moved over later), are there any other outstanding issues with the current list below? What about dns-test-open-recusion as Jah mentioned?I did a little test and from 5000 hosts, 7 had udp 53 open and of those, 3 resulted in "Recursion seems enabled". So, er, that's conclusive then. Of course, this means I got 4997 "Recursion not enabled" which gives a very poor signal to noise ratio! Perhaps it would be best to leave this one out.
I've removed the "Recursion not enabled" line from the script, and have also removed it from Default list. Sorry that one took so long :) The new list is below. Jason says he'll fix up the SMTPcommands script, so that can be switched later. Are there any issues or concerns at all with the following list? If not, I'll try to commit it this weekend. Default: * anonFTP * finger * ftpbounce * HTTPAuth * HTTP_open_proxy * MSSQLm * MySQLinfo * nbstat * RealVNC_auth_bypass * robots * rpcinfo * showHTMLtitle * showOwner * SNMPsysdesr * SSHv1-support * SSLv2-support * UPnP-info Non-Default: * bruteTelnet - Too intrusive and slow * chargenTest - Obscure / "demo" * daytimeTest - Obscure / "demo" * dns-test-open-recursion - Should only be done if port is open * echoTest - Obscure / "demo" * HTTPpasswd - A bit too intrusive and probably not useful enough * HTTPtrace - Not default material * iax2Detect - "version" * ircServerInfo - I don't think this is default material (but I'm also not an IRC user) * ircZombieTest - "malware" * kibuvDetection - "malware" * netbios-smb-os-detection - I want this to be default, but it's "version" * PPTPversion - "version" * promiscuous - I don't think it's useful enough * ripeQuery - Abusive to RIPE * showHTTPversion - Obscure / only category is "" * showSMTPVersion - Obscure / "demo" * showSSHVersion - Obscure / "demo" * skype_v2-version - "version" * SMTPcommands - Jason says he'll change it with nmap.verbosity() * SMTP_openrelay_test - "demo" because of "real hostname" issue * SQLInject - Obvious reasons :) * strangeSMTPport - Obscure / "backdoor" * xamppDefaultPass - "vulnerability" * zoneTrans - Just doesn't seem like default material IMO
jah
Thanks, Kris Katterjohn -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iQIVAwUBSC4EE/9K37xXYl36AQLP7Q//U0dAqUgbxHcj7bW1o/+CKQboCS0uSLll 7hZu+WtuB7MAn42SDkAdh8b68OGfKpjpc5fmLg1CAryGxQSEJr6kUps6VJomdQ00 7H3PlRyecQPnjn49DnZZSKxXN092wVlRTlSGQlnpWyTXPkiuyYluRlX4SIjnYRVR NgrtIGM95ShO5ImRZ38JaVUqMXjbJD9i/jN1jMAsvYvRuqI+v/5sbhNFCazNS99/ 9cQVVFwzkjLdc5mOUEwlqJSrJArSO/2ZBb7tyzPH22BKZdlE4Yate4wHcReMsB6N WYRwdpQA4uTltDZdjZO4eLgkbwpK9DC3AXJsYC1Nk6ew4i1v8cSgSauHFfmWkbey WlFO1UZh+FUiMdF7nm+Ifh1OXJo+AL9nEfziLKim102iS1qoQSZt2hkg0vZbhImZ 9raJ0XK+/PdvELozvEvEuGvoNBpgW7XJbbFffb1RLB7eI0+OAgI+smvSS/57zrj6 SyrBG/qUAZfFHMzi4ka/JKsp1PCYcQf0nSOayk+a0MH2bv4UK3Ul0BCb1Sk2pqrm 0x/0YZkpd/2u2KhAY/LOpQ7WsSuabYFpjdira5FQSfU+w3tWb7Ycsz3vTnqbcQNG xUCswx5D5v1QfNrxth83EKKfBKBMJqGHil3TnjZNk/759OFNOmEcUJyzsDymC2v7 HV+2o1Rqgho= =Pul9 -----END PGP SIGNATURE----- _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- Re: [RFC] Default NSE Scripts, (continued)
- Re: [RFC] Default NSE Scripts Fyodor (May 12)
- Re: [RFC] Default NSE Scripts Diman Todorov (May 11)
- Re: [RFC] Default NSE Scripts Fyodor (May 12)
- Re: [RFC] Default NSE Scripts Kris Katterjohn (May 12)
- Re: [RFC] Default NSE Scripts Kris Katterjohn (May 12)
- Re: [RFC] Default NSE Scripts Kris Katterjohn (May 14)
- Re: [RFC] Default NSE Scripts jah (May 14)
- Re: [RFC] Default NSE Scripts Kris Katterjohn (May 14)
- Re: [RFC] Default NSE Scripts Brandon Enright (May 14)
- Re: [RFC] Default NSE Scripts Kris Katterjohn (May 14)
- Re: [RFC] Default NSE Scripts Kris Katterjohn (May 12)
- Re: [RFC] Default NSE Scripts Kris Katterjohn (May 16)
- Re: [RFC] Default NSE Scripts Fyodor (May 16)
- Re: [RFC] Default NSE Scripts Kris Katterjohn (May 16)
- Re: [RFC] Default NSE Scripts DePriest, Jason R. (May 19)
- Re: [RFC] Default NSE Scripts Fyodor (May 19)
- Re: [RFC] Default NSE Scripts DePriest, Jason R. (May 19)
- Re: [RFC] Default NSE Scripts Arturo 'Buanzo' Busleiman (May 20)
- Re: [RFC] Default NSE Scripts DePriest, Jason R. (May 21)
- Re: [RFC] Default NSE Scripts Kris Katterjohn (May 20)
- Re: [RFC] Default NSE Scripts Kris Katterjohn (May 27)
- Re: [RFC] Default NSE Scripts jah (May 27)