[Nikto-discuss] Plugins with SQLite

Erik erik at edgeos.com
Fri Sep 12 18:17:31 UTC 2008 

David Lodge wrote:

> * Better checking for uniqueness of plugins (unique nikto_id)
> * Better management of nikto_ids

I think these are important.  When each threat has a unique id, more
in-depth & automated analysis becomes easier.  For example, it becomes
easier to do a differential anaylsis:

   * Threat i is newly discovered.
   * Threat j is no longer a threat.

Having ids helps a lot with the reporting. Easier to define meta data
for each test (e.g. risk, reference, summary, description, solution).
I think risk factor is really important. We use nikto through nessus
goggles, though, so my perspective may be a little skewed to the
typical nikto user. I understand that the web app threats might not be
as easily defined in a "threats db" the way the nessus tests are. I am
guessing that moving the tests into a relational db would be a good
step towards that goal.


> * Dependancy on SQLite and DBD::Sqlite

In response to some of the replies about depending on this, I do not
understand why it is a concern to depend on sqlite.  It is very
lightweight.  On a Debian install, I see this for the executable and
perl binding:

{{{
bash> ls -lh $(for i in $(dpkg -L sqlite3); do test -f $i && echo $i; done)
-rwxr-xr-x 1 root root  32K Mar  6  2007 /usr/bin/sqlite3
-rw-r--r-- 1 root root 1.6K Aug  7  2006 /usr/share/doc/sqlite3/README
-rw-r--r-- 1 root root 1.8K Mar  6  2007 /usr/share/doc/sqlite3/changelog.Debian.gz
-rw-r--r-- 1 root root  381 Mar  6  2007 /usr/share/doc/sqlite3/copyright
-rw-r--r-- 1 root root 2.9K Mar  6  2007 /usr/share/man/man1/sqlite3.1.gz

bash> ls -lh $(for i in $(dpkg -L libdbd-sqlite3-perl); do test -f $i && echo 
$i; done)
-rw-r--r-- 1 root root    0 Oct 14  2006 /usr/lib/perl5/auto/DBD/SQLite/SQLite.bs
-rw-r--r-- 1 root root  71K Oct 14  2006 /usr/lib/perl5/auto/DBD/SQLite/SQLite.so
-rw-r--r-- 1 root root 1.2K Feb 22  2002 /usr/share/doc/libdbd-sqlite3-perl/README
-rw-r--r-- 1 root root 2.5K Oct 14  2006 
/usr/share/doc/libdbd-sqlite3-perl/changelog.Debian.gz
-rw-r--r-- 1 root root 2.5K Apr  9  2006 
/usr/share/doc/libdbd-sqlite3-perl/changelog.gz
-rw-r--r-- 1 root root  883 Oct 14  2006 
/usr/share/doc/libdbd-sqlite3-perl/copyright
-rw-r--r-- 1 root root 5.6K Oct 14  2006 /usr/share/man/man3/DBD::SQLite.3pm.gz
-rw-r--r-- 1 root root  16K Sep  7  2006 /usr/share/perl5/DBD/SQLite.pm
}}}

Those with the concern about this dependency mind explaining a bit more?


Thanks,
Erik

More information about the Nikto-discuss mailing list