> -----Original Message----- > From: Michael Wiegand [mailto:[email protected]] > Sent: Tuesday, May 12, 2009 9:32 AM > To: Goran Ličina > Cc: [email protected] > Subject: Re: [Openvas-plugins] OS fingerprint plugin > > * Goran Li?ina [12. May 2009]: > > Also we would like you to warn us if there are any mistakes in > > plugin code or you have suggestions how to improve it. > > First of all, thanks a lot for your contribution! > > I'm curious, have you thought about supporting the nmap OS fingerprint > DB format (e.g. http://nmap.org/svn/nmap-os-db)?
Our plugin currently doesn't support nmap DB format because it uses only ICMP probes, while nmap mostly uses TCP probes to determine remote OS. However there is a posibility to extend it with new modules to support nmap format, or even better to make new plugin that implements only nmap probes. Did you plan to integrate completely nmap in OpenVAS in future versions or you suggest that we should make plugin that would use nmap database of fingerprints? Because if you plan to integrate it somehow, there is no much sense in wasting time to implement nmap approach in new plugin. However, old plugins that use results generated by our plugin (those which have os_fingerprint.nasl as dependency) mostly read results from "Host/OS/ICMP" KB item, so our plugin is necessary for them to work properly. Another thing, we would like to start working on plugins that detect some newer CVE vulnerabilities. Can you tell us what is the procedure for picking these and where can we see who is working on which vulnerability? Thanks, Goran Licina -- Laboratory for Systems and Signals Department of Electronic Systems and Information Processing Faculty of Electrical Engineering and Computing University of Zagreb _______________________________________________ Openvas-plugins mailing list [email protected] http://lists.wald.intevation.org/mailman/listinfo/openvas-plugins
