Re: Safe and Intrusive Category confusion

[David Fifield <david () bamsoftware com>]

On Sat, Sep 19, 2009 at 02:41:07AM -0400, Patrick Donnelly wrote:
> I just was recently looking through some of the scripts' categories
> and found some inconsistencies. Some of our scripts do not have an
> intrusive or safe category. In previous discussions [1], the general
> consensus was that safe and intrusive would be mutually exclusive
> categories and each script would be in one of these two categories. I
> did a check through our scripts to see which scripts were not safe and
> not intrusive:
>
> (I edited one extraneous line out and one should note that the last
> script, ssh-hostkey.nse is both safe AND intrusive??). I want to go
> ahead and fix these scripts but wanted to make sure that having each
> script be "safe" XOR "default" is the way to go?

If this is the case, what do you think about deprecating intrusive and
using "not safe" instead?

I was trying to think of a reason not to have the safe XOR intrusive
rule, but I couldn't think of any scripts that would be considered both
safe and intrusive, or both not safe and not intrusive.

> Also, I think we need to be more strict with category assignment
> (possibly construct a more thorough description and requirements
> document?) before acceptance into the trunk, just like NSEDoc. Some
> scripts have only one category when they could fit in several (and
> some are in the wrong categories, like ssh-hostkey.nse).

The best description of the criteria that should be used when assigning
categories is http://nmap.org/book/nse-usage.html#nse-categories.

David Fifield

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org