Nmap Development mailing list archives
Re: [NSE script] SSH weak hostkey
From: Fyodor <fyodor () insecure org>
Date: Wed, 3 Sep 2008 01:22:34 -0700
On Sun, Aug 17, 2008 at 11:11:27AM +0200, Sven Klemm wrote:
Hi, I've written an NSE script which checks the keys found by the SSH hostkey script for weak keys (CVE-2008-0166). Currently it uses the blacklists from the openssh-blacklist package but I am thinking about replacing it with something else as the lists only contain the last 10 bytes of the 16 byte fingerprint. Those lists are nevertheless quite big (8MB total) and I wonder what the policy for external data files for nmap is. Should a script include necessary data files or can it rely on other packages to supply them?
Hi Sven. Sounds like a great script, but unfortunately 8MB is too large to ship with Nmap by default. Though people could download and use it separately. Or perhaps it could do an internet lookup of part of the key. Of course, we've already talked recently about the problematic aspects of 3rd party DB lookups. So it is a tough call.

Cheers,
-F

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
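The truncated-fingerprint lookup described in the quoted message, as an added example that is not part of the original thread or of Sven's script. It assumes the fingerprint is the MD5 digest of the decoded public key blob and that a blacklist file holds one 20-hex-character entry per line with `#` comment lines; the key line and the blacklist entries are constructed sample data, not real keys.

```python
import base64
import hashlib

SUFFIX_BYTES = 10  # the lists keep the last 10 of the 16 fingerprint bytes


def fingerprint(pubkey_line: str) -> bytes:
    """MD5 over the decoded blob of a '<type> <base64> [comment]' key line."""
    fields = pubkey_line.split()
    if len(fields) < 2:
        raise ValueError("expected '<type> <base64 blob> [comment]'")
    blob = base64.b64decode(fields[1], validate=True)
    return hashlib.md5(blob).digest()


def load_blacklist(lines) -> set:
    """Parse blacklist lines (assumed format: 20 hex chars, '#' comments)."""
    entries = set()
    for raw in lines:
        line = raw.strip().lower()
        if not line or line.startswith("#"):
            continue
        if len(line) != 2 * SUFFIX_BYTES:
            raise ValueError(f"unexpected entry length: {line!r}")
        entries.add(bytes.fromhex(line))
    return entries


def is_weak(fp: bytes, blacklist: set) -> bool:
    """Match on the 80-bit suffix only; the first 6 bytes are never compared."""
    if len(fp) != 16:
        raise ValueError("expected a 16-byte MD5 fingerprint")
    return fp[-SUFFIX_BYTES:] in blacklist


def make_line(body: bytes) -> str:
    # Constructed blob: a type header followed by filler, not a usable key.
    blob = b"\x00\x00\x00\x07ssh-rsa" + body
    return "ssh-rsa " + base64.b64encode(blob).decode() + " demo@example"


# Constructed sample data.
LISTED_LINE = make_line(b"constructed-listed-key")
OTHER_LINE = make_line(b"constructed-unlisted-key")
LISTED_FP = fingerprint(LISTED_LINE)
BLACKLIST = load_blacklist(["# constructed sample", LISTED_FP.hex()[12:]])
# Different first 6 bytes, same last 10: the truncated list cannot tell them apart.
SAME_SUFFIX_FP = bytes(b ^ 0xFF for b in LISTED_FP[:6]) + LISTED_FP[-10:]

if __name__ == "__main__":
    for name, fp in [("listed", LISTED_FP), ("other", fingerprint(OTHER_LINE)),
                     ("same-suffix", SAME_SUFFIX_FP)]:
        print(name, fp.hex(), "WEAK" if is_weak(fp, BLACKLIST) else "ok")
```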