Nmap Development mailing list archives
Re: Qscan in NSE: qscan.nse
From: David Fifield <david () bamsoftware com>
Date: Sat, 20 Mar 2010 22:10:23 -0600
On Fri, Mar 19, 2010 at 12:09:20PM -0500, Kris Katterjohn wrote:
On 03/19/2010 07:10 AM, Ron wrote:On Fri, 19 Mar 2010 00:32:27 -0700 Fyodor <fyodor () insecure org> wrote:On Thu, Mar 18, 2010 at 01:59:04AM -0500, Ron wrote:Ahh, I wasn't running it as root -- I don't have root on that system. I'll try it properly tomorrow. I blame St Patrick's day. :)Thanks for testing. And I suppose the script should probably give an error in verbose mode for the first host it runs against if it is not going to work for this reason. That way at least people who specify it explicitly on the command line should get the error thanks to the verbosity bump in that case. Cheers, -FHmm, yeah, I agree. Pretty much all my scripts, with a couple exceptions, will print out *something* if they run and nmap.debugging()>0. The only time I don't is when the odds of a script actually doing something are minimal.I updated ipidseq and qscan (attached) to print a message once about lack of privileges when verbosity > 0. So any report on how the script is actually working? If more changes are wanted, I'll stick it in nmap-exp/kris somewhere to avoid any more attachments.
It looks good to commit to me, just with some more documentation. Most important is a section on how to interpret the results. Explain what it means for ports to be in different "families." Document what the units are in the MEAN column (milliseconds?), or even better, just put "ms" in the output table. There should be a paragraph explaining what's going on: mean and stddev of RTT are calculated over multiple sends to a port. I don't think a reference to the Student's t-test is out of place, as long as it's not in the first paragraph. Also mention that it tests both open and closed ports--that surprised me at first. Oh, and the script arguments should be qualified with a "qscan." prefix. David Fifield _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Re: [NSE] script idea: identify ports behind a NAT, (continued)
- Re: [NSE] script idea: identify ports behind a NAT David Fifield (Mar 17)
- Re: [NSE] script idea: identify ports behind a NAT Kris Katterjohn (Mar 17)
- Qscan in NSE: qscan.nse Kris Katterjohn (Mar 17)
- Re: Qscan in NSE: qscan.nse Kris Katterjohn (Mar 17)
- Re: Qscan in NSE: qscan.nse Ron (Mar 17)
- Re: Qscan in NSE: qscan.nse Kris Katterjohn (Mar 17)
- Re: Qscan in NSE: qscan.nse Ron (Mar 18)
- Re: Qscan in NSE: qscan.nse Fyodor (Mar 20)
- Re: Qscan in NSE: qscan.nse Ron (Mar 19)
- Re: Qscan in NSE: qscan.nse Kris Katterjohn (Mar 19)
- Re: Qscan in NSE: qscan.nse David Fifield (Mar 20)
- Re: Qscan in NSE: qscan.nse Kris Katterjohn (Mar 21)
- Re: [NSE] script idea: identify ports behind a NAT David Fifield (Mar 17)
- Re: Qscan in NSE: qscan.nse Arturo 'Buanzo' Busleiman (Mar 20)
- Re: Qscan in NSE: qscan.nse Arturo 'Buanzo' Busleiman (Mar 18)
- Re: Qscan in NSE: qscan.nse doug (Mar 20)
- Re: Qscan in NSE: qscan.nse Arturo 'Buanzo' Busleiman (Mar 20)
- Re: Qscan in NSE: qscan.nse Kris Katterjohn (Mar 21)
- Qscan against localhost David Fifield (Mar 20)
- Re: Qscan in NSE: qscan.nse jah (Mar 21)
- Re: Qscan in NSE: qscan.nse Kris Katterjohn (Mar 21)
- Re: Qscan in NSE: qscan.nse jah (Mar 22)