Re: [NSE] ms-sql scripts and library updates merged

[Patrik Karlsson <patrik () cqure net>]

Den 2011-03-19 21.45 skrev Fyodor <fyodor () insecure org>:

> On Sat, Feb 26, 2011 at 11:50:25PM +0100, Patrik Karlsson wrote:
> > Hi all,
> >
> > I just merged the work Chris Woodbury and I have been doing on the
> > ms-sql branch.
>
> This is exciting stuff!  But I'm noticed some unfortunate performance
> characteristics in certain scans due to the way that ms-sql-discover
> and ms-sql-info are in the "default" category and have hostrules which
> basically match every host.  So say I want to scan for web servers and
> run the default web-related scripts against them.  I might do:
>
> ./nmap --datadir . -p80 -Pn -n -v --open -T4 -sC scanme.nmap.org/24
>
> This took 120 seconds in the run I just did.  But almost all of this
> time is actually from ms-sql-*.  If I change -sC to "--script default
> and not ms-sql-*" to exclude the sql scripts, it takes less than 7
> seconds.
>
> I'm not sure of the best solution.  Options include:
>
> o Remove these scripts from "default"
>
> o Make mssql.SCANNED_PORTS_ONLY default behavior (so it looks at the
>  port state of common ms-sql ports rather than trying to query all
>  hosts)
>
> o Or maybe there are other ways to make it more selective or faster?
>
> What do you think?
>
> Cheers,
> Fyodor

Sorry for not getting back to you on this. As I haven't had the time to
come up with a better solution, I propose we remove it from default for
now. Anyone disagree?

//Patrik

>


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/