Monday, December 20, 2010



I know that many of you are wondering of the relevancy of writing enumeration/validation scripts using the NMAP Scripting Engine (NSE).  The explanation is pretty simple: (1) NMAP is free and is one of the most widely used and recognized port scanning utilities on the friggin' *planet*; (2) NMAP is making attempts to establish itself as a contender within the vulnerability scanning market, something that Nessus and ISS have dominated for several years; I believe in helping the "underdog" in this case; (3) I have met and like the working ethic of Gordon Lyon (aka "Fyodor") - he has a "can do" attitude, isn't arrogant about anything, and is willing to talk to just about anyone who will ask him a question, then answer it reasonably, and fair quickly (within a day); and (4) this community *needs* to get an enumeration capability established -- and soon (if not for finding unknown devices on one's network, at least for a forensics capability).

I can think of some other reasons, but aren't worth mentioning right now.  The fact is, developing NSE enumeration scripts for NMAP is a very good thing, and can be utilized for the benefit of the community.  I realize the downside/negative impact for having such scripts is that they're available for the 'bad guys', but (to me and IMHO) the 'good' outweighs the 'bad'.  ;P

*WE* need your help...

This is a community effort.  And *we* are all part of the great whole/great good that represents the backbone to infrastructures Worldwide, right?  Those of you who have programming backgrounds and capabilities, and can spare a few minutes (er...hours) every month, can help us (that being the SCADASEC community)...develop some decent enumeration and validation scripts utilizing NMAP.

If you are a talented programmer/software engineer/hacker (er..."computer enthusiast"), and know a little bit about C/C++/scripting languages (Perl, Tcl/Tk, Korn shell, Windows Powershell, etc.), and can spare a few minutes (er...hours) every month to a greater cause, in my humble opinion -- YOU are making a difference -- by building a community.  I feel that all of this will be a great help to everyone, esp. since it is *FREE*. heard/read me correctly....*FREE*.  This helps *build* our community and makes it into something quite extraordinary, something that I have gotten to like quite a bit.  This community needs to be protected -- AT ANY AND ALL COST.  Period.  BUT....this cannot be done unless *we* have YOUR support.  Kapeesh (translation: "get the drift")?

There is alot (and I do mean...*ALOT*) of technical talent out there...  ;)

Is there no one who will work with us (not just me) these efforts?

My promise to all of you, this community, and everyone who is reading this email should know what I am about to state: know this much....I will do WHATEVER it takes, HOWEVER it takes, and in WHATEVER means/methods possible, to MAKE this community stand out, shine out, and be THE BEST that it can be to the rest of the security and intelligence communities.  BUT...this means creating customizable NSE scripts that can work with NMAP v5.20 (or later), **AND** remain *FREE* (an edict of both myself and "Fyodor" -- "free love, free information, free help, etc.") to benefit alot of people within this, and other communities (mostly government, and *not* just the U.S., either).


If 'yes', send me an email -- offline/offlist -- to "rsradvan at".  I *cannot* do this daunting task alone (Lord knows that I *will* try, and there of you who know me that I will make myself utterly *sick* in the attempt), and need to start a 'groundswell' of talent, people, and capabilities who are willing, ready, and able to undertake the task of developing AS MANY ENUMERATION SCRIPTS AS POSSIBLE.  We're talking THOUSANDS of differing devices, manufacturers, models, makes, series, et. al.  This is NO SMALL TASK, and the request is unprecedented by anything that I have asked every before on this mailing list.

Please..................think it over.  Email me (offline) if you're interested.

We *NEED* a "cyber army".  Join us.


No comments:

Post a Comment