Nmap Development mailing list archives
Re: NSEC Enumeration script
From: John Bond <john.r.bond () gmail com>
Date: Tue, 15 Mar 2011 20:02:17 +0100
On 15 March 2011 17:59, David Fifield <david () bamsoftware com> wrote:
On Tue, Mar 15, 2011 at 08:33:11AM +0100, John Bond wrote:Patrik Karlsson:In essence, I think that the following change should be performed: - return rPkt.dnssec,true, rPkt + return true, rPkt This way it's more standardized and does not return redundant information.rPkt.dnssec is redundant if you are using the raw packet but if you just want an answer then rPkt.dnssec could be usefull. what should the library return if the query is successful but there is no dnssec?I agree with Patrik here. I don't want to waste a return value just for dnssec. Also, just indicating "dnssec" isn't saying much, it basically means "NSEC or RRSIG or DNSKEY or DS or NSEC3". Anyone who actually needs to use that specific information will need to dig into the packet, as we are doing. It's fine if dns.query in normal mode (not retPkt mode) doesn't return all the information.
Yes the more i thought about it the more i came to the same conclusion. the issue i was having is i wasn't sure what to return in the status if you ask for dnssec but it is not available. however dns returns the answer with no error which is the best thing for this library as well so all good. And with that in mind the change seemed pretty simple almost too simple :) also i tested your changes and they all worked fine, cheers john
Attachment:
dns-nsec-enum.nse.patch
Description:
Attachment:
dns.lua.patch
Description:
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Re: NSEC Enumeration script, (continued)
- Re: NSEC Enumeration script David Fifield (Feb 26)
- Re: NSEC Enumeration script John Bond (Feb 26)
- Re: NSEC Enumeration script John Bond (Feb 26)
- Re: NSEC Enumeration script David Fifield (Feb 26)
- Re: NSEC Enumeration script David Fifield (Feb 28)
- Re: NSEC Enumeration script John Bond (Mar 09)
- Re: NSEC Enumeration script David Fifield (Mar 14)
- Re: NSEC Enumeration script Patrik Karlsson (Mar 15)
- Re: NSEC Enumeration script John Bond (Mar 15)
- Re: NSEC Enumeration script David Fifield (Mar 15)
- Re: NSEC Enumeration script John Bond (Mar 15)
- Re: NSEC Enumeration script David Fifield (Mar 24)
- Re: NSEC Enumeration script John Bond (Mar 25)
- Re: NSEC Enumeration script John Bond (Mar 25)
- Re: NSEC Enumeration script David Fifield (Mar 26)
- Re: NSEC Enumeration script John Bond (Mar 27)
- Re: NSEC Enumeration script John Bond (Mar 30)
- Re: NSEC Enumeration script David Fifield (Mar 30)
- Re: NSEC Enumeration script David Fifield (Mar 25)
- Re: NSEC Enumeration script John Bond (Mar 25)
- Re: NSEC Enumeration script David Fifield (Mar 25)