Nmap Development mailing list archives
Re: [NSE] ms-sql scripts and library updates merged
From: Patrik Karlsson <patrik () cqure net>
Date: Sat, 19 Mar 2011 21:37:52 +0100
On Mar 19, 2011, at 20:45 , Fyodor wrote:
On Sat, Feb 26, 2011 at 11:50:25PM +0100, Patrik Karlsson wrote:Hi all, I just merged the work Chris Woodbury and I have been doing on the ms-sql branch.This is exciting stuff! But I'm noticed some unfortunate performance characteristics in certain scans due to the way that ms-sql-discover and ms-sql-info are in the "default" category and have hostrules which basically match every host. So say I want to scan for web servers and run the default web-related scripts against them. I might do: ./nmap --datadir . -p80 -Pn -n -v --open -T4 -sC scanme.nmap.org/24 This took 120 seconds in the run I just did. But almost all of this time is actually from ms-sql-*. If I change -sC to "--script default and not ms-sql-*" to exclude the sql scripts, it takes less than 7 seconds. I'm not sure of the best solution. Options include: o Remove these scripts from "default" o Make mssql.SCANNED_PORTS_ONLY default behavior (so it looks at the port state of common ms-sql ports rather than trying to query all hosts) o Or maybe there are other ways to make it more selective or faster? What do you think? Cheers, Fyodor
I just removed the ms-sql-discover script as a result of the following discussion: http://seclists.org/nmap-dev/2011/q1/725 This doesn't fix the problem however as the ms-sql-info script is triggered instead. I'm not entirely sure what the best solution here is. I will try too look into it during the next few days. Chris, any ideas? //Patrik -- Patrik Karlsson http://www.cqure.net http://www.twitter.com/nevdull77 _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- [NSE] ms-sql scripts and library updates merged Patrik Karlsson (Feb 26)
- Re: [NSE] ms-sql scripts and library updates merged Chris Woodbury (Feb 28)
- Re: [NSE] ms-sql scripts and library updates merged Fyodor (Mar 19)
- Re: [NSE] ms-sql scripts and library updates merged Patrik Karlsson (Mar 19)
- Re: [NSE] ms-sql scripts and library updates merged Patrik Karlsson (Mar 28)
- Re: [NSE] ms-sql scripts and library updates merged Chris Woodbury (Mar 29)