Nmap Development mailing list archives
Re: [RFC] Default NSE Scripts
From: Daniel Roethlisberger <daniel () roe ch>
Date: Mon, 12 May 2008 13:02:24 +0200
Kris Katterjohn <katterjohn () gmail com> 2008-05-10:
jah wrote:On 09/05/2008 23:17, Kris Katterjohn wrote:Default: * ripeQueryThis is a safe script with regard to the target, but RIPE might think it less so. Especially as it would query RIPE for every target regardless of whether the target is in RIPE's allocation. I think it should stay in discovery.This is a script I kept switching between the lists. I think you may be right in that it's not be default material. Anybody else want to chime in on this one?
I think this script could rightly be perceived as abusive by RIPE. I would not include this in the default set.
Not Default: [...] * SMTPcommands - I want this to be default, but it usually has a lot of outputThis is currently run by default and I don't think the quantity of output should be grounds for omission if it's perceived to be useful.Good point, but I just don't think that a default script should produce a large amount of output like this one tends to. Does anyone have an opinion on this?
I'd vote for inclusion. If you feel it produces too much output, then maybe it can be changed to be a little less verbose? I cannot speak for others, but personally, when I run a scan with NSE scripts, then I am expecting some verbosity.
* SSLv2-support - Produces quite a bit of output, and doesn't seem useful enough for defaultI think this is quite useful and should remain default, but agree that the output is often more than required - perhaps it could be improved with nmap.verbosity().I think that with an nmap.verbosity() change it may be good for default.
I'd quite like to see this script included by default. It would be useful in helping to eradicate SSLv2.
* zoneTrans - Just doesn't seem like default material IMOI think the argument for this is similar to the one for dns-test-open-recursion.I don't know from experience, but looking at Wikipedia makes me think that it's not frequent enough.
Depends on your usage. If you do internal scans of large corporate networks, it is extremely frequent. -- Daniel Roethlisberger http://daniel.roe.ch/ _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- Re: [RFC] Default NSE Scripts, (continued)
- Re: [RFC] Default NSE Scripts Fyodor (May 09)
- Re: [RFC] Default NSE Scripts Brandon Enright (May 09)
- Re: [RFC] Default NSE Scripts Fyodor (May 09)
- Re: [RFC] Default NSE Scripts Brandon Enright (May 09)
- Re: [RFC] Default NSE Scripts Fyodor (May 09)
- Re: [RFC] Default NSE Scripts Kris Katterjohn (May 10)
- Re: [RFC] Default NSE Scripts Fyodor (May 09)
- Re: [RFC] Default NSE Scripts Kris Katterjohn (May 10)
- Re: [RFC] Default NSE Scripts Fyodor (May 10)
- Re: [RFC] Default NSE Scripts Kris Katterjohn (May 10)
- Re: [RFC] Default NSE Scripts Daniel Roethlisberger (May 12)
- Re: [RFC] Default NSE Scripts Arturo 'Buanzo' Busleiman (May 12)
- Re: [RFC] Default NSE Scripts Fyodor (May 12)
- Re: [RFC] Default NSE Scripts Fyodor (May 12)
- Re: [RFC] Default NSE Scripts Kris Katterjohn (May 12)
- Re: [RFC] Default NSE Scripts Kris Katterjohn (May 12)
- Re: [RFC] Default NSE Scripts Kris Katterjohn (May 14)
- Re: [RFC] Default NSE Scripts jah (May 14)
- Re: [RFC] Default NSE Scripts Kris Katterjohn (May 14)