Nmap Development mailing list archives
Re: NSEC Enumeration script
From: John Bond <john.r.bond () gmail com>
Date: Tue, 15 Mar 2011 08:33:11 +0100
Thanks for testing it and for this new patch. I tried it, but I hit an infinite loop on the very last name. I think it's because the last NSEC record points backwards to the first name in the subzone. In r22589 I changed get_next_nsec to look for an NSEC record that brackets a given domain name, with the dname on the left and name on the right. It works for me, but please give it a try.
sure will give things a test this evening
A quick glance at the dnssec_query function suggest that it shares a lot of code with the query function. It could make sense to extend that function to handle dnssec. It would probably involve adding an value to the option parameter. Also, in my opinion, the code should be changed so that it returns the status as the first return value, rather than how it's being done at the moment.
yes most of dnssec_query is a copy of an old version of the query function, so it would be good to merge everything pack
In essence, I think that the following change should be performed: - return rPkt.dnssec,true, rPkt + return true, rPkt This way it's more standardized and does not return redundant information.
rPkt.dnssec is redundant if you are using the raw packet but if you just want an answer then rPkt.dnssec could be usefull. what should the library return if the query is successful but there is no dnssec? _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Re: NSEC Enumeration script, (continued)
- Re: NSEC Enumeration script John Bond (Feb 26)
- Re: NSEC Enumeration script David Fifield (Feb 26)
- Re: NSEC Enumeration script David Fifield (Feb 26)
- Re: NSEC Enumeration script John Bond (Feb 26)
- Re: NSEC Enumeration script John Bond (Feb 26)
- Re: NSEC Enumeration script David Fifield (Feb 26)
- Re: NSEC Enumeration script David Fifield (Feb 28)
- Re: NSEC Enumeration script John Bond (Mar 09)
- Re: NSEC Enumeration script David Fifield (Mar 14)
- Re: NSEC Enumeration script Patrik Karlsson (Mar 15)
- Re: NSEC Enumeration script John Bond (Mar 15)
- Re: NSEC Enumeration script David Fifield (Mar 15)
- Re: NSEC Enumeration script John Bond (Mar 15)
- Re: NSEC Enumeration script David Fifield (Mar 24)
- Re: NSEC Enumeration script John Bond (Mar 25)
- Re: NSEC Enumeration script John Bond (Mar 25)
- Re: NSEC Enumeration script David Fifield (Mar 26)
- Re: NSEC Enumeration script John Bond (Mar 27)
- Re: NSEC Enumeration script John Bond (Mar 30)
- Re: NSEC Enumeration script David Fifield (Mar 30)
- Re: NSEC Enumeration script David Fifield (Mar 25)