On Thu, Dec 18, 2003 at 03:07:59PM +0000, Paul Johnston wrote: > >It's redundant with find_services and the family of *_detect plugins, so > >adding this option would result in poor integration of that > >functionality with Nessus. > > > What's the feeling on this long term? While find_services works well for > common services, it does not have the extensible signature mechanism > that nmap now does have. I need to do a lot more testing, but my current > feeling is that nmap -sV is likely to become the leading "version scanner". In the middle term, find_services will be re-written. We will see what happens in the long term, but my main gripe with nmap -sV is that it assumes stuff - for instance, if you run a web server on port 65534, it will not detect it because the service signature says that web servers usuallay run on ports 76-90 and 7000-10000. Another concern is that it's very intrusive and tons of services don't like to receive binary data and such. This problem is lightened by the fact that the assumptions regarding ports in the service file prevent nasty stuff from happening. So at this time I'm waiting. -sV is still new. -- Renaud _______________________________________________ Plugins-writers mailing list Plugins-writers@private http://mail.nessus.org/mailman/listinfo/plugins-writers
This archive was generated by hypermail 2b30 : Thu Dec 18 2003 - 07:20:58 PST