On Tue Jun 15 2004 at 21:33, ETBlomquist@private wrote: > My goal is to create a plugin that accurately identifies an open UDP port > on a remote node. My first question is, is that even reasonable? Considering the way UDP scan works, the short answer is no. Unless you can trigger a response from the remote service. > I've been reading the guides on NASL and am fairly confident in my script, > but am unsure of the functions in regard to UDP. Here's what I've been > testing, but it always displays "Port 2967 is open." whether it's really > open or not. If you really want to write this script, use test_udp_port() from network_func.inc The function returns 2 if the port is closed (ICMP bad port received), 0 if it is definitely open (UDP answer received), and 1 otherwise. But the function was not written to do this kind of test; rather to watch the state of a port before and after a DoS attack. _______________________________________________ Plugins-writers mailing list Plugins-writers@private http://mail.nessus.org/mailman/listinfo/plugins-writers
This archive was generated by hypermail 2b30 : Wed Jun 16 2004 - 00:00:58 PDT