Nmap Development mailing list archives
Re: [NSE] SSL Fingerprint Matching
From: Toni Ruottu <toni.ruottu () iki fi>
Date: Thu, 6 Jan 2011 23:00:05 +0200
So the options are 1) send the file with nmap and have it work out of box, 2) provide the file separately, and 3) provide a bigger nmap deluxe release that has the file in it. What do you think is the way to go? On Thu, Jan 6, 2011 at 10:25 PM, Rob Nicholls <robert () robnicholls co uk> wrote:
Doh, you're totally right! NSIS's LZMA compression and the compressed Nmap source code downloads wouldn't change the size of the resulting file no matter whether the blacklist was stored compressed or uncompressed. It's still significantly larger relative to the existing Nmap downloads. Rob -----Original Message----- From: nmap-dev-bounces () insecure org [mailto:nmap-dev-bounces () insecure org] On Behalf Of Toni Ruottu Sent: 06 January 2011 20:21 To: Mak Kolybabi Cc: nmap-dev; Arturo 'Buanzo' Busleiman Subject: Re: [NSE] SSL Fingerprint Matching Disk space is cheap, so we should not worry about disk space, right?. Nmap releases are compressed, so having a compressed file in there does not make it smaller. I am not sure if compressing the file would help. On Thu, Jan 6, 2011 at 10:08 PM, Mak Kolybabi <mak () kolybabi com> wrote:On 2011-01-06 22:01, Toni Ruottu wrote:Nice work. Why are we worried about the fingerprint file size? Nmap all ready ships with operating system detection and software version identifying databases. How big do we expect the SSL fingerprint file tobecome?Depends on how much info we want to include with each fingerprint. Right now, I've trimmed it down to the minimum of just saying where it came from originally, removing all the model/manufacturer/version info. The other thing that could make the file size balloon is including the Debian SSL blacklist. I believe those are in the tens of megabytes. -- Mak Kolybabi <mak () kolybabi com> () ASCII Ribbon Campaign | Against HTML e-mail /\ www.asciiribbon.org | Against proprietary extensions_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Re: [NSE] SSL Fingerprint Matching Toni Ruottu (Jan 06)
- Re: [NSE] SSL Fingerprint Matching Mak Kolybabi (Jan 06)
- RE: [NSE] SSL Fingerprint Matching Rob Nicholls (Jan 06)
- Re: [NSE] SSL Fingerprint Matching Toni Ruottu (Jan 06)
- RE: [NSE] SSL Fingerprint Matching Rob Nicholls (Jan 06)
- Re: [NSE] SSL Fingerprint Matching Toni Ruottu (Jan 06)
- Re: [NSE] SSL Fingerprint Matching Fyodor (Jan 06)
- Re: [NSE] SSL Fingerprint Matching Mak Kolybabi (Jan 06)
- <Possible follow-ups>
- Re: [NSE] SSL Fingerprint Matching David Fifield (Feb 22)
- Re: [NSE] SSL Fingerprint Matching Fyodor (Feb 23)
- Re: [NSE] SSL Fingerprint Matching Toni Ruottu (Mar 17)
- Re: [NSE] SSL Fingerprint Matching Mak Kolybabi (Mar 18)
- Re: [NSE] SSL Fingerprint Matching Fyodor (Feb 23)
- Re: [NSE] SSL Fingerprint Matching Mak Kolybabi (Mar 20)
- Re: [NSE] SSL Fingerprint Matching David Fifield (Mar 22)