Nmap Development mailing list archives
Re: [RFC] NSE Re-categorization
From: Kris Katterjohn <katterjohn () gmail com>
Date: Fri, 13 Jun 2008 00:54:05 -0500
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Fyodor wrote:
On Fri, Jun 13, 2008 at 01:07:10AM +0100, jah wrote:On 12/06/2008 23:07, Kris Katterjohn wrote: So I think that either intrusive should include scripts that are intended to crash services (all in the name of securing ones own network, of course) or perhaps there should be a category for "exploits" to include scripts that actively exploit vulnerabilities and could crash a service or cause an sysadmin alarm - even if the intention is merely to detect a vulnerability.Good point. We don't have any scripts intended to crash services now. But if we ever were to add such a script, I'd argue for some sort of "dos" category. A script which performas a SYN scan or tries to crash a certain service goes beyond what I would normally think of even as "intrusive", IMHO. Exploits is another interesting category. If we had actual exploits like you find in Metasploit, they might fit well in such a category. Our brute force authentication scripts sort of fit the bill, but it sounds like we'll probably have a more specific category for them. So I think both of these are good potential categories, but I don't think we should add any categories unless we have at least one script included which will use them. And I don't know of any DoS or exploit scripts right now.
Agreed. And of course if we create categories like these, they will go along with Safe and Intrusive wrt the "all-encompassing" factor.
Cheers, -F
Thanks, Kris Katterjohn -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iQIVAwUBSFILev9K37xXYl36AQIK8Q//a2+9/SdkuD6ETPxvUemqQCLV2N0C6iVc /hA01eGFmr6GmH1lg73lquAm1YDTFLywdAMBYDrlsmhGA/dQvx9MWo/sJL/pmL5d UKXyYC22WV2Chzs7r+IFjpZqgFJhQ4Hm8V9POJj7BJjOZDXFLY6X0WHYCKbsBaXG t7apvVDD5tVYATotuu7oGNCVizO/nCaJlo6IgIwtNijwOFgl1RxLVf9/Zzut8w4K 2TNh2vNF0qCTRkihsuj6nYernnTHItz5dO8WVM1oxcIWnt3ecIiIo0tAoxDP58Y5 Xh3NSOnx7cdHqiBKiYFfE99tOCAPCpzQ8KwTcQ1SM38/su4Cv9B4z7hIr6AwY9RU bSO4V6akVyMUedkbGuISM55shFmI+EH4ysgPrgzOIM+QzfiVTE7ubulKW1JYrO4M HYfBTXqBvRgU0zlpesqIrIoehh9Xl21e7oQH5Tjlz7M6DOz8IoKCtHSGiszQhmOD hx9cCwOUYtuNC4+p2r6RBRsvbnViQCrm/NEchtVNwfECMQO4CKtQvX3MB8Shs0pC f190wnY8KYvLWJtGqBgSU1WPxq0wm62y00x3MRd1l7TfNv9yJ417Jd4MPJwpkshP ocFRGUVmIbrvFiLA7C2Grt/ob99oaTzrE3P5107yirsRpUUNTKFOziwSoou1CLT3 wnq6jFNoaOU= =9yOQ -----END PGP SIGNATURE----- _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- [RFC] NSE Re-categorization Kris Katterjohn (Jun 12)
- Re: [RFC] NSE Re-categorization jah (Jun 12)
- Re: [RFC] NSE Re-categorization Fyodor (Jun 12)
- Re: [RFC] NSE Re-categorization Kris Katterjohn (Jun 12)
- Re: [RFC] NSE Re-categorization Kris Katterjohn (Jun 12)
- Re: [RFC] NSE Re-categorization Tom Sellers (Jun 13)
- Re: [RFC] NSE Re-categorization Fyodor (Jun 12)
- Re: [RFC] NSE Re-categorization Fyodor (Jun 12)
- Re: [RFC] NSE Re-categorization Kris Katterjohn (Jun 12)
- Re: [RFC] NSE Re-categorization Fyodor (Jun 14)
- Re: [RFC] NSE Re-categorization Arturo 'Buanzo' Busleiman (Jun 14)
- Re: [RFC] NSE Re-categorization Kris Katterjohn (Jun 14)
- Re: [RFC] NSE Re-categorization Fyodor (Jun 14)
- Re: [RFC] NSE Re-categorization Kris Katterjohn (Jun 18)
- Re: [RFC] NSE Re-categorization Tom Sellers (Jun 18)
- Re: [RFC] NSE Re-categorization Kris Katterjohn (Jun 12)
- Re: [RFC] NSE Re-categorization jah (Jun 12)