Re: [NSE] firewalk-path script

[David Fifield <david () bamsoftware com>]

On Mon, Jan 17, 2011 at 11:59:40AM +0100, Henri Doreau wrote:
> Hello,
>
> here is an updated version of the script. I initially wanted to add a
> way for the user to supply the ports to probe. I thought about direct
> specification of ports ranges through --script-args but this can
> already be achieved using -p <ports> and that would have been somehow
> redundant.
>
> If the real aim of firewalking fewer ports than every filtered ones is
> to reduce the execution time, then just using a limit of ports to
> probe would be better. I have seen that qscan.nse uses this solution
> with qscan.numopen and qscan.numclosed.
>
> This second version simply offers a max-probed-ports argument and
> makes use of stdnse.get_timespec() to parse timing options.

Hi Henri, I took this more recent script and renamed it over the
previous firewalk.nse. The feature of automatically identifying the
gateways that are dropping packets is so useful that I think it will be
the more common behavior.

If you would like to, you can restore the .ttl and .gateway arguments
that would cause the script to work as it did before.

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/