Re: [NSE] http-traceroute

[Hani Benhabiles <kroosec () gmail com>]

On 05/18/2012 03:07 PM, Henri Doreau wrote:
> Hi Hani,
Hi Henri,
> the script works well and your code is neat and tidy, good job!
Thanks.
> A couple comments:
>    - I think script description should mention that this implementation
> is based on the work of Nicolas Gregoire (nicolas.gregoire () agarri fr)
> and Julien Cayssol (tools () aqwz com).
Added.
>    - I noticed a couple unnecessary variable declarations (line 171,
> "i" doesn't have to be declared, "response" is re-declared line 175).
> There might be other ones. Can you have a look?
Done. Removed "results" too.
> I also have a suggestion. I think the current output should be
> displayed when verbosity level is>0. Otherwise I would suggest that
> you attribute a score to each heuristic you apply, and set a
> threshold. When score is greater than the threshold, default output
> could simply mention that reverse proxies were detected (and give the
> score, as an indicator of accuracy). What do you think?
I added a verbosity script argument defaulting to 0. I prefer your first 
suggestion and I think it is better to default to a low output size and 
let people decide if they want a more detailed output rather than 
automatically choosing for them through a scoring mechanism.
> Also, during initial discussions we were wondering whether the name
> http-traceroute should be changed for something like
> "http-reverse-proxies-detect" or similar. I'd like to have opinions
> from the list about this.
the problem with a name like http-reverse-proxy-detect is that in the 
future we may write scripts which do the same thing (detecting reverse 
proxies) but in a different way. Something like http-max-forwards is 
problematic too as you can't tell what the script does from the name. I 
believe that it would be better to keep the http-traceroute name unless 
someone comes with a better name.

I also believe that we should add the script the default category given 
that:
- It is safe.
- It generates low traffic (3 http requests.) and has a low execution time.
- No false positives so far with many tests. The technique it uses is 
very neat!

> Regards.

Cheers,
Hani.

--
Hani Benhabiles

Twitter:https://twitter.com/#!/kroosec
Blog:http://kroosec.blogspot.com

Attachment: http-traceroute.nse
Description:

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/