Nmap Development mailing list archives
Re: ftp-brute.nse overhaul
From: Fyodor <fyodor () insecure org>
Date: Fri, 18 Sep 2009 22:54:36 -0700
On Sat, Sep 19, 2009 at 12:38:52AM -0500, Ron wrote:
And for what it's worth, ftp-anon.nse can probably be deleted (the functionality is replicated 100% in ftp-brute.nse now). Any objections?
Well, ftp-anon is one of our default scripts. Checking whether a discovered FTP server allows anonymous access is (arguably) OK by default, but a brute force password guessing attack is not. So it may be best to leave them separate, but factor out any common code into a library. Cheers, -F _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- ftp-brute.nse overhaul Ron (Sep 18)
- Re: ftp-brute.nse overhaul Fyodor (Sep 18)
- Re: ftp-brute.nse overhaul Patrick Donnelly (Sep 18)
- Re: ftp-brute.nse overhaul Ron (Sep 18)
- Re: ftp-brute.nse overhaul Fyodor (Sep 18)
- Re: ftp-brute.nse overhaul Ron (Sep 18)
- Re: ftp-brute.nse overhaul Patrick Donnelly (Sep 18)
- Re: ftp-brute.nse overhaul Fyodor (Sep 18)
- Re: ftp-brute.nse overhaul Ron (Sep 18)