Anything I write would be submitted, integration... That's someone else's call.

As for scanning each port, currently you specify the tcp_ping port, which is defaulted to "80". I have a list of ports that I use regularly. It's a smaller list than the ports I scan, but it discovers hosts using DNS, FTP, SMTP, SSH and a few other services. The intent is that if you don't change the default port from "80" you would not even see a change.

Dion

-----Original Message-----
From: John Lampe
To: Dion Stempfley; [EMAIL PROTECTED]
Sent: 3/6/2002 1:30 PM
Subject: Re: TCP_Ping modification

Do you plan on your changes being incorporated into either stable or experimental builds of nessus, or is this just for your own hacked up version of nessus?

This is just my opinion, but I would hate to see nessus sending an ACK packet to every port just to see if the host is alive. tcp pings are useful against non-filtered stacks, but are woefully inadequate otherwise. If you were scanning 15000 ports on a firewalled host, it could take a while for just ping_host.nasl to run...and all you get is the equivalent of an nmap Ack scan...

just my .02

John Lampe
https://f00dikator.hn.org/

"Knowledge will forever govern ignorance, and a people who mean to be their own governors, must arm themselves with the power knowledge gives. A popular government without popular information or the means of acquiring it, is but a prologue to a farce or a tragedy or perhaps both." --James Madison

----- Original Message -----
From: "Dion Stempfley" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, March 06, 2002 11:13 PM
Subject: TCP_Ping modification

> I am going to make a modification to the tcp ping capability to support a list of destination ports.
>
> I have looked at the code and I think I see two different ways to do this.
>
> I can modify the ping_host.nasl to use the ereg_replace function to parse the port list and loop through a comma delimited list, calling tcp_ping until the host is either alive or the list is exhausted. I don't like this, because it seems pretty inefficient, and doesn't extend the capability for anything else.
>
> I could also make a modification to the tcp_ping function in libnasl/nasl/nessus_extensions.c. But this requires changes to the code which kind of negates the beauty of nasl. Any thoughts on the preferred way to make this change?
>
> Dion
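The first approach discussed in the thread (parse a comma-delimited port list, probe until the host answers or the list is exhausted), sketched in Python as an added example; it is not code from the thread or from Nessus. The function names are hypothetical, a TCP connect stands in for Nessus's `tcp_ping`, and the 2-second timeout is an assumption.

```python
import socket

def parse_port_list(spec="80"):
    """Parse "80,22,25" into [80, 22, 25]; order kept, duplicates dropped."""
    ports = []
    for field in spec.split(","):
        field = field.strip()
        if not field:
            continue
        port = int(field)  # raises ValueError on non-numeric input
        if not 1 <= port <= 65535:
            raise ValueError(f"port out of range: {port}")
        if port not in ports:
            ports.append(port)
    if not ports:
        raise ValueError("empty port list")
    return ports

def connect_probe(host, port, timeout=2.0):
    """Stand-in probe (assumption): a completed connect or an RST both count as alive."""
    try:
        socket.create_connection((host, port), timeout=timeout).close()
        return True
    except ConnectionRefusedError:
        return True   # port closed, but an RST came back
    except OSError:
        return False  # timeout or unreachable: no evidence of life

def host_alive(host, spec="80", probe=connect_probe):
    """Return (alive, ports_tried); stops at the first port that answers."""
    tried = []
    for port in parse_port_list(spec):
        tried.append(port)
        if probe(host, port):
            return True, tried
    return False, tried

def worst_case_seconds(spec, timeout=2.0):
    """Time spent on a silent (filtered) host: every port times out in turn."""
    return len(parse_port_list(spec)) * timeout
```

With the default spec of "80" exactly one probe is sent, so behaviour is unchanged unless a list is supplied; `worst_case_seconds` puts a number on the cost of a long list against a filtered host.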
