Re: Thoughts on script documentation

[Martin Holst Swende <martin () swende se>]

On 12/08/2010 10:06 PM, David Fifield wrote:
> What if Nmap just came with a script that did the equivalent of
>
> rsync -r rsync://nmap.org/scripts/ /usr/share/nmap/scripts/
> rsync -r rsync://nmap.org/nselib/ /usr/share/nmap/nselib/
>
> This is pretty much what openvas-nvt-sync does. It also can download a
> .tar.bz2 file if rsync isn't installed.
>
> http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-scanner/tools/openvas-nvt-sync.in?rev=8017&root=openvas&view=markup
>
> Maybe rsync would be easy to get to Windows users. This also wouldn't
> solve the problem of version dependencies. 
That would be great!
It could be good to add some possibility to detect and warn a user if
there are *known* compatibility issues. E.g, issuing GET
http://nmap.org/scriptupdate?version=<installed_version> before the
rsync takes place. If scriptupdate detects that version is blacklisted
as "incompatible" with the current head, it could return an appropriate
status code and message : "Some of the scripts you are about to fetch
are marked as incompatible with your version of nmap. ".

/Martin
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/