Nmap Development mailing list archives

Re: Nmap tty and NSE


From: David Fifield <david () bamsoftware com>
Date: Mon, 22 Dec 2008 16:08:35 -0700

On Mon, Dec 22, 2008 at 10:08:51PM +0000, doug () hcsw org wrote:
> When I added run-time interaction to NSE:
>
> http://seclists.org/nmap-dev/2007/q4/0818.html
>
> I proposed an enhanced output format for NSE interaction.
> I still think this would be quite useful:
>
> Stats: 0:00:07 elapsed; 0 hosts completed (2 up), 2 undergoing Script Scan
> Active NSE scripts: 3
>   * 5.2s: HTTPAuth.nse @ insecure.org:80
>   * 3.6s: showHTMLTitle.nse @ hcsw.org:80
>   * 3.4s: showHTMLTitle.nse @ insecure.org:80
> SCRIPT ENGINE Timing: About 37.50% done; ETC: 19:27 (0:00:02 remaining)

I like that output. It's like ultra_scan with -d3. You get all this
great output that looks like

**TIMING STATS** (0.2810s): IP, probes active/freshportsleft/retry_stack/outstanding/retranwait/onbench, cwnd/ssthresh/rate/maxrate, timeout/srtt/rttvar/
   Groupstats (1/1 incomplete): 10/*/*/*/*/* 10.00/75/9813.54/* 1000000/-1/-1

which tells you just about all the important variables used by the scan
algorithms. With -d4 you get stats for each host too. I really rely on
this output when I need some insight into performance. I like to run it
through an Awk script and generate graphs.

Of course this doesn't replace a debugger, but would be nice to have all
the same. A big simple improvement, I think, would be one line printed
when each script starts and stops. That was going to be the first thing
I did when I started work on NSE output. I think it should happen with a
debug level of 1.

David Fifield
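
The message mentions feeding the -d3 timing output through an Awk script to produce graphs. The following is an added example, not David's script and not part of the thread: it turns each TIMING STATS / Groupstats pair into a CSV row, taking the column names from the header line quoted above. The function names `timing_to_csv` and `sample_log` are hypothetical, and the second sample record is constructed.

```shell
#!/bin/sh
# Convert Nmap -d3 "TIMING STATS" / "Groupstats" pairs into CSV rows for plotting.
# Column names follow the header text quoted in the message:
#   probes active/..., cwnd/ssthresh/rate/maxrate, timeout/srtt/rttvar
# A "*" (not reported at group level) becomes an empty CSV cell.
timing_to_csv() {
    awk '
    BEGIN { print "time_s,incomplete,total,active,cwnd,ssthresh,rate,timeout,srtt,rttvar" }

    # Header line: remember the timestamp inside "(0.2810s)".
    /\*\*TIMING STATS\*\*/ {
        t = ""
        if (match($0, /\([0-9.]+s\)/))
            t = substr($0, RSTART + 1, RLENGTH - 3)
        next
    }

    # Group line: Groupstats (1/1 incomplete): 10/*/*/*/*/* 10.00/75/9813.54/* 1000000/-1/-1
    $1 == "Groupstats" && t != "" {
        g = $2; sub(/^\(/, "", g)       # "(1/1" becomes "1/1"
        split(g, grp, "/")              # incomplete/total hosts in the group
        split($4, probes, "/")          # active/freshportsleft/...
        split($5, cc, "/")              # cwnd/ssthresh/rate/maxrate
        split($6, rtt, "/")             # timeout/srtt/rttvar
        printf "%s,%s,%s,%s,%s,%s,%s,%s,%s,%s\n", t, grp[1], grp[2],
            cell(probes[1]), cell(cc[1]), cell(cc[2]), cell(cc[3]),
            cell(rtt[1]), cell(rtt[2]), cell(rtt[3])
        t = ""                          # a row needs its own header line
    }

    function cell(v) { return (v == "*" ? "" : v) }
    '
}

# Sample input: the first record is the one quoted in the message,
# the second record is constructed for illustration.
sample_log() {
cat <<'EOF'
**TIMING STATS** (0.2810s): IP, probes active/freshportsleft/retry_stack/outstanding/retranwait/onbench, cwnd/ssthresh/rate/maxrate, timeout/srtt/rttvar/
   Groupstats (1/1 incomplete): 10/*/*/*/*/* 10.00/75/9813.54/* 1000000/-1/-1
**TIMING STATS** (1.5020s): IP, probes active/freshportsleft/retry_stack/outstanding/retranwait/onbench, cwnd/ssthresh/rate/maxrate, timeout/srtt/rttvar/
   Groupstats (1/1 incomplete): 25/*/*/*/*/* 25.00/75/120.50/* 250000/41000/9000
EOF
}

sample_log | timing_to_csv
```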
