Nmap Development mailing list archives
Re: Nmap script ideas wiki
From: Ron <ron () skullsecurity net>
Date: Wed, 16 Mar 2011 11:13:32 -0500
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, 15 Mar 2011 20:14:29 +0200 Toni Ruottu <toni.ruottu () iki fi> wrote:
The problem present in many of them is that the protocol may be really open and powerful, so deciding how far to go in the scan is hard.
That's a good question, and one that I run into a lot. What I typically do with Nmap is go as far as I am reasonably able to. That's what differentiates Nmap from other scanners like Nexpose, Nessus, etc - Most security scanners are simply concerned with find out if a vulnerability exists or not, and perhaps proving it, then generating a report and letting the user/customer/whoever know how vulnerable they are. Nmap scriptings, on the other hand, are extensions to nmap's probing techniques. I see them as a way to get additionally data/information from a host that may interest the scanner (whether they're a pentester, etc). So, IMO, you should go as far as you can. Ron -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.17 (GNU/Linux) iEYEARECAAYFAk2A4a8ACgkQ2t2zxlt4g/QZhgCfUPgHLB8/DCGzM8dXeiJZfevt 4x4AnijNl/3A/xW3xYb8U/jX01bKHnHY =znel -----END PGP SIGNATURE----- _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Nmap script ideas wiki Fyodor (Mar 11)
- Re: Nmap script ideas wiki Toni Ruottu (Mar 11)
- Re: Nmap script ideas wiki David Fifield (Mar 11)
- Re: Nmap script ideas wiki Nick Nikolaou (Mar 11)
- Re: Nmap script ideas wiki David Fifield (Mar 11)
- Re: Nmap script ideas wiki David Fifield (Mar 11)
- Re: Nmap script ideas wiki Fyodor (Mar 12)
- Re: Nmap script ideas wiki Toni Ruottu (Mar 15)
- Re: Nmap script ideas wiki Ron (Mar 16)
- Re: Nmap script ideas wiki Toni Ruottu (Mar 11)
- Re: Nmap script ideas wiki Fyodor (Mar 14)