LinuxQuestions.org
LinuxAnswers - the LQ Linux tutorial section.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices

Reply
 
Search this Thread
Old 06-12-2007, 01:55 PM   #1
SkyEye
Member
 
Registered: Sep 2005
Location: Sri Lanka
Distribution: Fedora (workstations), CentOS (servers), Arch, Mint, Ubuntu, and a few more.
Posts: 441

Rep: Reputation: 40
Nmap Scripting Engine (NSE)


As some of you might have learned Nmap is developing a new subsystem called NSE (Nmap Scripting Engine) to be used in the popular Open Source Security Scanner. This was an idea of Fyodor himself and was implemented by Diman Todorov as an assignment in Google Summer of Code 2006. The resulting development can be experienced by anyone using Nmap 4.21ALPHA4 or a later SVN snaps.

The NSE provides a system where scripts (-sC) can be use to automate and extend Nmap operations. Scripting language used is Lua (the same language used to customize World of Warcraft). However Nmap implementation of Lua includes extensions in the form of exception handling, Perl compatible RegEx and bitwise operators, etc. I believe any serious SysAdmin would like to get their hands on the Nmap with new NSE.

At the moment there's only a few sample scripts available. It was recently announced however that popular security vendor Sourcefire (related to Snort IDS, too) is collaborating with Nmap folks at Insecure.org to develop more and more scripts along with the NSE. There's also a student developing scripts as a participant in Google Summer of Code 2007.

We've always loved Nmap. And with this new NSE there will be opportunities which was earlier hard to attain. Since there's a whole lot of new possibilities with Nmap scripting, there are things I'd like to see implemented with Nmap Scripting. Please join me here to list what you expect from Nmap Scripts.
 
Old 06-12-2007, 01:59 PM   #2
SkyEye
Member
 
Registered: Sep 2005
Location: Sri Lanka
Distribution: Fedora (workstations), CentOS (servers), Arch, Mint, Ubuntu, and a few more.
Posts: 441

Original Poster
Rep: Reputation: 40
I'd like to see

* Vulnerability detection scripts (like in Nessus)
* Exploitation scripts (like in Metasploit)

(Fyodor had made clear that Nmap will not be another Nmap or a Metasploit, Nmap will remain Nmap. However it is also mentioned that we can expect to see similar operation, but towards a different goal.)
 
  


Reply

Tags
google, lua, metasploit, nessus, nmap, scripts, warcraft


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
nmap ? how do i do nmap in linux ? command not found abbasakhtar Linux - Newbie 2 01-02-2011 01:08 AM
LXer: Adobe and Mozilla Foundation to Open Source Flash Player Scripting Engine LXer Syndicated Linux News 0 11-07-2006 06:03 PM
What mean nmap ARCIS_house Linux - Newbie 3 10-30-2006 11:19 AM
teaching shell scripting: cool scripting examples? fax8 Linux - General 1 04-20-2006 04:29 AM
besides xine engine, what else engine can be used in kaffeine? bravehao Linux - Newbie 1 06-04-2005 07:34 AM


All times are GMT -5. The time now is 07:05 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration