PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-30 19:39:07 +00:00
Code Issues Projects Releases Wiki Activity

Add an idea about qualifying more of our Windows-related CPE entries with the service pack number

Browse Source
This commit is contained in:
fyodor
2012-04-03 17:17:15 +00:00
parent d49f6a240f
commit d4f05d0f43
1 changed files with 16 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
todo/nmap.txt
View File

@@ -8,6 +8,12 @@ o Make the release
==Things needed for next STABLE release go ABOVE THIS LINE==
o We should probably go through the nmap-os-db (and IPv6 version)
entries and, where the fingerprint line specifies a service pack
number (or even two of them), ensure that we have sp-qualified CPE
entries like "cpe:/o:microsoft:windows_xp::sp2". Right now we
sometimes include the qualification, and sometimes not.
o Scans from Mac OS X tend to use raw IP packets rather than ethernet
frames even on the local network because Dnet does not seem to be
retrieving the routing table properly -- so the LAN doesn't even
@@ -95,15 +101,6 @@ o Update more web content in real time (or near real-time, or at least
o Maybe Nmap book building
o Maybe the generated files in nmap.org/data/
o ssl-google-cert-catalog should not require that the user specify
ssl-cert in order to run. Instead, they should probably both call a
library which obtains the certificate (and caches it so that it
doesn't happen twice if both scripts are run). In general, we want
to avoid having any scripts tell the user "this script only works if
you specify this other script too". If we really find we need that
functionality, we should add a "strong dependencies" feature so that
scripts can tell Nmap what other scripts they require.
o Investigate increasing FD_SETSIZE on Windows to allow us to
multiplex more sockets. See Henri's email:
http://seclists.org/nmap-dev/2012/q1/267
@@ -751,6 +748,16 @@ o random tip database
DONE:
o ssl-google-cert-catalog should not require that the user specify
ssl-cert in order to run. Instead, they should probably both call a
library which obtains the certificate (and caches it so that it
doesn't happen twice if both scripts are run). In general, we want
to avoid having any scripts tell the user "this script only works if
you specify this other script too". If we really find we need that
functionality, we should add a "strong dependencies" feature so that
scripts can tell Nmap what other scripts they require.
[Patrik did this by adding an ssl cert library]
o Our targets-ipv6-multicast-slaac.nse should probably send the router
advertisements with low priority to reduce the chances of any
negative impacts on clients, if we're not doing that already. See