Nmap Development mailing list archives
Re: [NSE] isakmp aggressive mode and version detection
From: Fyodor <fyodor () nmap org>
Date: Mon, 10 Dec 2012 19:40:34 -0800
On Sat, Dec 8, 2012 at 5:38 AM, Jesper Kückelhahn <dev.kyckel () gmail com>wrote:
I'm currently working on a NSE script that extracts information from isakmp services. I'm planning on creating two scripts; one for aggressive mode detection, and one for version detection. For the latter I'd like to use the vendor ID's included in 'ike-scan'[1]. However, I'm a little worried about the licensing and copy right aspect, and I'm hoping that someone could help me determine if inclusion of this file in nmap is possible. In order to extract version information, some modifications to this file might be necessary, and also addition fingerprints will properly be added. The following is a snippet of text from the header of the file including license information:
Hi Jesper. The new scripts sound awesome, but you're right to be cautious about copyrights when taking code/date from other tools. Unfortunately, we can't use code under ike-scan's default license. Whether a list of vendor IDs is copyrightable is questionable, but we should err on the safe and polite side and note include it without permission. Fortunately, there are several options: Perhaps the best option is to mail the ike-scan guys (there are two email addresses in the header of ike-vendor-ids) and ask permission to use the data in Nmap under a BSD license. Be sure to let them know that they'll be credited in the file, and that we will keep it under a BSD license so that they can then use any new IDs discovered by Nmap Project contributors. If they say yes, then put a comment near the top of the data file that you use for the vendor IDs noting that it can be used under the "Simplified (2-clause) BSD license--See http://nmap.org/svn/docs/licenses/BSD-simplified";. Or if the data is in the script directly, you can put the script under that license by using that text in the license field. If they don't respond or if they say no, then I guess the only alternative is to try and independently recreate the data or find it from some other source. Cheers, Fyodor _______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- [NSE] isakmp aggressive mode and version detection Jesper Kückelhahn (Dec 08)
- Re: [NSE] isakmp aggressive mode and version detection Fyodor (Dec 10)
- Re: [NSE] isakmp aggressive mode and version detection Jesper Kückelhahn (Dec 11)
- Re: [NSE] isakmp aggressive mode and version detection Jesper Kückelhahn (Dec 14)
- Re: [NSE] isakmp aggressive mode and version detection Jesper Kückelhahn (Dec 14)
- Re: [NSE] isakmp aggressive mode and version detection Jesper Kückelhahn (Dec 17)
- Re: [NSE] isakmp aggressive mode and version detection David Fifield (Dec 20)
- Re: [NSE] isakmp aggressive mode and version detection Jesper Kückelhahn (Dec 21)
- Re: [NSE] isakmp aggressive mode and version detection David Fifield (Dec 21)
- Re: [NSE] isakmp aggressive mode and version detection Jesper Kückelhahn (Dec 23)
- Re: [NSE] isakmp aggressive mode and version detection David Fifield (Dec 23)
- Re: [NSE] isakmp aggressive mode and version detection Jesper Kückelhahn (Dec 31)
- Re: [NSE] isakmp aggressive mode and version detection Jesper Kückelhahn (Dec 11)
- Re: [NSE] isakmp aggressive mode and version detection Fyodor (Dec 10)