Nmap Development mailing list archives
Re: [NSE] malicious-ip script
From: Fyodor <fyodor () insecure org>
Date: Wed, 6 Jul 2011 15:40:38 -0700
On Mon, Jul 04, 2011 at 09:59:20AM +0300, Toni Ruottu wrote:
I like the idea. However, typically we would want multiple scripts rather than one. This script should probably be split into one for each database.
Thanks for your comments, but I wouldn't go quite that far. We really need to decide these on a case by case basis. A combined script is usually: o Easier to maintain (reduces code duplication) o Can produce more elegant output (e.g. if all of the databases say the same thing, it might be able to state that on one line. o Avoids bloating the script lists generated on http://nmap.org/nsedoc/, from Nmap --script-help, in the CHANGELOG, in the book, and other places. On the other hand, a separate scripts can be easier to use (control using --script is often easier than having to specify --script-args). And a separate script is almost always advisable if the split versions need to be in different categories. As for runtime efficiency, that can go either way. Separate scripts are more easily executed in parallel, but combined scripts can sometimes reuse various resources (memory structures, connects sockets, etc.) We did end up going with separate scripts for ip-geolocation-*, but that wasn't really the result of a consensus process and it could have gone either way. Admittedly it did turn out handy when we had to delete one of them for violating an API license, but that is a very unusual case. I can't argue strongly either way on whether ip-geolocation-* should be split or combined. So we will leave it split up for now. What we should really do is create a page on secwiki or docs/scripting.xml giving the "best practices" on deciding whether to combine or separate related scripts. There are many factors to consider. Cheers, Fyodor _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- [NSE] malicious-ip script Hani Benhabiles (Jul 03)
- Re: [NSE] malicious-ip script Paulino Calderon (Jul 03)
- Re: [NSE] malicious-ip script Toni Ruottu (Jul 03)
- Re: [NSE] malicious-ip script Hani Benhabiles (Jul 06)
- Re: [NSE] malicious-ip script Hani Benhabiles (Jul 14)
- Re: [NSE] malicious-ip script Djalal Harouni (Jul 14)
- Re: [NSE] malicious-ip script Hani Benhabiles (Aug 02)
- Re: [NSE] malicious-ip script Hani Benhabiles (Jul 06)
- Re: [NSE] malicious-ip script Fyodor (Jul 06)
- Re: [NSE] malicious-ip script Toni Ruottu (Jul 06)