Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: NSEC Enumeration script

From: John Bond <john.r.bond () gmail com>
Date: Sat, 26 Feb 2011 14:03:28 +0100
On 26 February 2011 13:11, John Bond <john.r.bond () gmail com> wrote:

The script and the library hanges are getting closer to being accepted.
I still have doubts about the interface of dns.dnssec_query. In the
first place, it would be better if the DNSSEC queries could be made
using the same top-level function as other DNS queries--is DNSSEC really
so different that it needs a different interface? > I don't mind having a
convenience wrapper for DNSSEC, but it should call the same underlying
function as other queries.

not at all, i originally added all of this functionality to the normal
query fuction but i started to worry it might make other scripts
incompatible.  the main difference is dnssec_query has an extra return
'rPkt.dnssec' which indicates if the server responded with dnssec.  I
also use the host.ip instead of trying to use the system however this
is probably because of what im trying to do and could be set else
where.  edns is on by default but i think this should also be an
option for the query function.  Finnaly you would need another option

Just had a quick look and one of the other things is that dnssec_query
was a copy of query from before options.multiple so im will need to
check what effect this has on things
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: