[Nikto-discuss] Nikto automatically checking version, was Re: Nikto bug about Zeus (ticket #52)
David Lodge
dave at cirt.net
Wed Feb 4 19:18:25 UTC 2009
On Wed, 04 Feb 2009 08:21:49 -0000, Frank Breedijk
<FBreedijk at schubergphilis.com> wrote:
> I have a number of Nikto instances on different machines, and none of
> them are truly supported by the OS (hence my version bump ticket in the
> Gentoo bugzilla). Would it be possible for Nikto to report in the output
> then it is behind in the major release?
The Gentoo problem is resolved in trunk and will be resolved in Nikto 2.10
(I was wanting to release it on the 31/12/2008, but ran out of time, but
it'll be a month or two). Unfortunately, I'm not going to backport this to
Nikto 2.03 (as it did take quite a rework of the config code).
In terms of whether the current version is the most up to date; I'd
normally shy away from checking this (though it is easy to do), simply
because it means that nikto'd have to contact www.cirt.net to get version
information. As I normally run nikto from a non-Internet connected source,
I wouldn't want to wait for a timeout each time I run it. I could add an
option to the configuration file to give it the option to check whether
nikto needs an update.
CC'ing to nikto-discuss in case anybody has any strong opinions either
way...
Thanks
dave
More information about the Nikto-discuss
mailing list