Nmap Development mailing list archives
Re: [RFC] Vulnerability library proposal
From: Henri Doreau <henri.doreau () greenbone net>
Date: Sun, 7 Aug 2011 18:40:33 +0200
2011/8/7 Djalal Harouni <tixxdz () opendz org>:
Hi list, This is a proposal for a new NSE vulnerability library. The library is designed to help managing discovered vulnerabilities and to make the output more consistent. It would be really great if we can have suggestions from pen-testers and from people that integrate and use Nmap in their security tools. Thanks in advance.
Hi Djalal, thanks for the proposal, we've already discussed most of it together and I find it pretty cool but there's still one point I'd like to discuss. You propose a "all or nothing" approach to store vulnerabilities in the registry. Another option would be to let post-processing scripts register their own filters to the library in the prerule function. vulns.save_report() could take a callback in argument, just the same kind that the selection_filter which are described in the proposal. These filters would then be called each time a vulnerability is added by a script. If one of the callback filters returns true then the vulnerability is stored, otherwise we can discard it. That would prevent the lib from storing everything if the only post-processing script selected is one that just takes a small subset of the tested vulnerabilities (like "high risk vulnerabilities which are present"). We can also easily imagine some performance optimization, to do the filtering only once, when the vulnerability is added: - post-proc. script registers a filter and gets an ID back from the library - each time a vulnerability is added the filter is called against it, and if it returns true the vulnerability table is stored, associated to the ID of the filter. - the post-proc. script iterates over all the vulnerabilities associated with its ID and report them or whatever... Regards. -- Henri Doreau | Greenbone Networks GmbH | http://www.greenbone.net Neuer Graben 17, 49074 Osnabrueck, Germany | AG Osnabrueck, HR B 202460 Executive Directors: Lukas Grunwald, Dr. Jan-Oliver Wagner _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Re: [RFC] Vulnerability library proposal, (continued)
- Re: [RFC] Vulnerability library proposal Daniel Miller (Aug 09)
- Re: [RFC] Vulnerability library proposal Djalal Harouni (Aug 09)
- Re: [RFC] Vulnerability library proposal Christian Heinrich (Aug 09)
- Re: [RFC] Vulnerability library proposal Djalal Harouni (Aug 09)
- Re: [RFC] Vulnerability library proposal Christian Heinrich (Aug 09)
- Re: [RFC] Vulnerability library proposal Djalal Harouni (Aug 09)
- RE: [RFC] Vulnerability library proposal Rob Nicholls (Aug 09)
- Re: [RFC] Vulnerability library proposal Christian Heinrich (Aug 09)
- RE: [RFC] Vulnerability library proposal Rob Nicholls (Aug 09)
- Re: [RFC] Vulnerability library proposal Djalal Harouni (Aug 09)
- Re: [RFC] Vulnerability library proposal Djalal Harouni (Aug 09)
- Re: [RFC] Vulnerability library proposal Djalal Harouni (Aug 12)
- Re: [RFC] Vulnerability library proposal Djalal Harouni (Aug 09)
- Re: [RFC] Vulnerability library proposal Christian Heinrich (Aug 09)
- Re: [RFC v2] Vulnerability library proposal Marc Ruef (Aug 12)
- Re: [RFC v2] Vulnerability library proposal Djalal Harouni (Aug 12)