Re: smbv2-dos.nse

[Patrick Donnelly <batrick () batbytes com>]

On Sun, Sep 13, 2009 at 6:31 AM, jah <jah () zadkiel plus com> wrote:
> I agree with Kris et al: "all" should mean all.
> I think, however, that the script would be better categorised as
> "exploit" rather than "dos" to complement the "vuln" category.  I don't
> think it makes sense to start adding categories for each type of exploit
> in the same way that we don't have a category for each type of
> vulnerability.  Having said that, there isn't a large number of
> vulnerability categories/exploit types and there might be some advantage
> to adding these categories to scripts - you could then say "exploit and
> not dos" or "vuln and not sqli" for example.

I like 'exploit'. We can keep 'dos' as well; I don't see a problem
with unofficial categories (which may become official in the future
with increased use).

When I use the 'all' category I want to use a lot of scripts but
certainly don't want any of them to break the box I'm scanning. The
exploit category (if broad enough) would be useful so I can use 'all
and not exploit' instead. We could apply the exploit category to
scripts like http-passwd.nse (which recently pissed off some network
admins for me). Perhaps the exploit category would be a superset of
'vuln' and 'intrusive'.

-- 
-Patrick Donnelly

"Let all men know thee, but no man know thee thoroughly: Men freely
ford that see the shallows."

- Benjamin Franklin

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org