Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: ftp-brute.nse overhaul

From: Fyodor <fyodor () insecure org>
Date: Fri, 18 Sep 2009 22:54:36 -0700
On Sat, Sep 19, 2009 at 12:38:52AM -0500, Ron wrote:


And for what it's worth, ftp-anon.nse can probably be deleted (the 
functionality is replicated 100% in ftp-brute.nse now). Any objections?


Well, ftp-anon is one of our default scripts.  Checking whether a
discovered FTP server allows anonymous access is (arguably) OK by
default, but a brute force password guessing attack is not.  So it may
be best to leave them separate, but factor out any common code into a
library.

Cheers,
-F

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
Previous By Date Next
Previous By Thread Next

Current thread: