Do you plan on your changes being incorporated into either stable or experimental builds of nessus, or is this just for your own hacked up version of nessus?
This is just my opinion, but I would hate to see nessus sending an ACK packet to every port just to see if the host is alive. tcp pings are useful against non-filtered stacks, but are woefully inadequate otherwise. If you were scanning 15000 ports on a firewalled host, it could take a while for just ping_host.nasl to run...and all you get is the equivalent of an nmap Ack scan...

just my .02

John Lampe
https://f00dikator.hn.org/

"Knowledge will forever govern ignorance, and a people who mean to be their own governors, must arm themselves with the power knowledge gives. A popular government without popular information or the means of acquiring it, is but a prologue to a farce or a tragedy or perhaps both."
--James Madison

----- Original Message -----
From: "Dion Stempfley" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, March 06, 2002 11:13 PM
Subject: TCP_Ping modification

> I am going to make a modification to the tcp ping capability to support a
> list of destination ports.
>
> I have looked at the code and I think I see two different ways to do this.
>
> I can modify the ping_host.nasl to use the ereg_replace function to parse
> the port list and loop through a comma delimited list, calling tcp_ping
> until the host is either alive or the list is exhausted. I don't like this,
> because it seems pretty inefficient, and doesn't extend the capability for
> anything else.
>
> I could also make a modification to the tcp_ping function in
> libnasl/nasl/nessus_extensions.c. But this requires changes to the code
> which kind of negates the beauty of nasl. Any thoughts on the preferred way
> to make this change?
>
> Dion
