Re: [NSE] Script to enumerate network interfaces

[David Fifield <david () bamsoftware com>]

On Fri, Mar 05, 2010 at 09:40:51PM -0600, Thomas Buchanan wrote:
> David Fifield wrote:
> > Here's the result running against Windows XP:
> >
> > PORT    STATE SERVICE
> > 161/udp open  snmp
> > | snmp-interfaces:
> > |   MS TCP Loopback interface
> > |     IP address: 127.0.0.1/255.0.0.0
> > |     Type: softwareLoopback (10 Mbps)
> > |     Status: up
> > |     Traffic stats: 56.32 Kb sent, 56.32 Kb received
> > |   Marvell Yukon 88E8053 PCI-E Gigabit Ethernet Controller - Packet  
> > Scheduler Miniport
> > |     IP address: 192.168.0.190/255.255.255.0
> > |     MAC address: 00:16:cb:ae:d4:ac (Apple Computer)
> > |     Type: ethernetCsmacd (10 Mbps)
> > |     Status: up
> > |_    Traffic stats: 14.90 Mb sent, 7.64 Mb received
> >
> > My suggestion on the output: I would have non-verbose show only the up
> > interfaces (including loopback, to reduce confusion), and have verbose
> > mode show all interfaces. Non-verbose would be like "ifconfig" and
> > verbose would be like "ifconfig -a". I think the extra information like
> > MAC address and traffic stats is of interest even without verbosity. The
> > Status line could be omitted in non-verbose mode.
> >
> > The snmp scripts are really fantastic. They make me want to add
> > -sU -pU:161 --script='snmp-*' even to TCP scans, there's so much
> > information available.
> >
> > I like the script so I've already committed it.
> >
> > You might make the iana_types a static table at the script level, so
> > that it's not reconstructed every time get_iana_type is called.
> >
> > Does it work with IPv6 addresses?
> >
> > David Fifield
>
>
> Thanks for reviewing and committing the script!  I've attached a patch  
> that addresses your comments about the iana_types and the output  
> formatting.  The verbose and non-verbose now provide almost the same  
> amount of information, but non-verbose doesn't show interface status,  
> and doesn't show interfaces that are marked as down.

Okay, those changes are committed.

> The script doesn't know anything about IPv6 (yet).  There's apparently a  
> separate MIB (IPV6-MIB) that deals with that.  A snmpwalk of my Windows  
> 7 box shows that it responds with some values in that area, so I'll take  
> a look and see what information might be accessible to us.
>
> I'm also working on a patch that will factor out the snmp_walk function  
> from all of the individual snmp scripts and will move it to the snmp.lua  
> library, similar to how the http library works.  My goal is to add  
> timeout and retransmission handling to the function, to make the snmp  
> scripts more reliable against hosts that aren't always timely in their  
> response.  I'll post that separately once it's closer to working shape.

Good! That's one of the things I thought of when looking at the SNMP
scripts.

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/