Home page logo
/

Nmap Announce mailing list archives

Nmap Survey Results
From: Fyodor <fyodor () insecure org>
Date: Tue, 6 Jun 2000 02:09:02 -0700 (PDT)



Hello everyone,

I want to thank the 1,222 people on this list who took the time to
take the Nmap users survey!  The numbers will help greatly in
determining future plans and priorities for the project.

I'm also glad to report that almost 600 comments or improvement ideas
were listed!  It took an hour to read through them all, but they
contained many useful ideas and insights.

I stuffed all the results into a database, and ran some queries that you
guys might find interesting.  You can send me comments about the survey or
this writeup at fyodor () insecure org .  Here are the commented results,
divided into sections (raw results are at the end):


[ IMPROVEMENT REQUESTS ]

One of the most important uses of the survey was to find out what new
features people are interested in.  I listed about 17 features and
asked users to rate the importance of each.  Then I calculated a
weighted average.  "Extraordinarily Cool" counts as 2, "Somewhat
Useful" counts as 1, "A BAD thing" is -2, and Neutral and No Comment
are 0.

One result I was glad to see was that "Integrated MP3 player" was dead
last (score: -1.065).  That was a test question.  If that had been
popular, I would have thrown away all survey results :).

Interestingly, the top request was to make Nmap faster.  This is
always a priority for me and I have several plans in that department.

Just barely below "faster" was "Scripting or module support for
application-level probing/vuln testing".  I agree that this would be
VERY cool.  But want it to be very powerful, very fast, and easy to
write/read/maintain the test modules/scripts.  I am still
brainstorming on a good API for this.  Ideas?  Doing this right is a
huge undertaking, so don't expect this anytime soon.

Third place was a .nmaprc for storing default scan types, timing,
favorite decoys, etc.  This is coming and is definitely long overdue.

The only two features that received a net negative response (other
than the MP3 joke) were Win95/98 port and Windows NT port.  This is
somewhat biased, since the people who wan't to run Nmap but can't due
to lack of a real operating system are unlikely to join the list.  The
WinNT port (score: -0.198) was much better received than 95/98
(-0.615).  The objection to a Windows version was a little surprising,
since 62% of the survey respondants did so from a Windows browser
(according to User-Agent).  The most common reason, according to the
comments, was a fear that script kiddies would abuse the hell out of
"Winmap".

Here is the raw list of features and their scores in decreasing order.
For more response details, see the full report at the end of this
mail.

Faster (speed optimizations) (SCORE: 1.188)
Scripting or module support for application-level probing/vuln testing (SCORE: 1.126)
.Nmaprc for storing default scan types, timing, favorite decoys, etc (SCORE: 1.105)
Output to Database option (-oD) (SCORE: 1.098)
Traceroute support (SCORE: 1.043)
libnmap.so C library for pinging/port scanning/os detection (SCORE: 1.018)
Distributed scanning support (SCORE: 0.960)
Output to HTML option (-oH) (SCORE: 0.899)
IP.ID Scanning (SCORE: 0.836)
Input via domain name (using zone XFER) (-iZ) (SCORE: 0.761)
SOCKS Proxy bounce scanning (SCORE: 0.696)
Improved X Window front end (SCORE: 0.556)
PalmOS Port (SCORE: 0.354)
Solaris Binaries in package format (SCORE: 0.283)
Windows NT/2000 port (SCORE: -0.198)
Windows 95/98 port (SCORE: -0.615)
Integrated MP3 Player (SCORE: -1.065)


[ PROGRAMMING ]

This list (or at least survey respondants) are predominantly
programmers.  70% know C.  Here are the languages they have used:
   C -- 69.9%
   Shell Scripting -- 63.3%
   Perl -- 59.8%
   Other -- 54.5%
   C++ -- 48.1%
   TCL -- 19.0%
   Python -- 11.8%
   Lisp -- 11.7%
   Scheme -- 6.7%


[ GENDER ISSUES ]

The gender imbalance is much worse than I expected.  I knew there
would be more males than females.  Perhaps even 70% to 30% or 80%/20%.
Nope.  The survey counted 1136 males and 15 females.  Thats only 1% of
respondants.  No wonder introducing myself as the author of Nmap has
never helped me impress girls :).  Does anyone have ideas on how to
improve this imbalance?  Perhaps we could start an outreach program at
the local mall.  Or maybe I could change NmapFE to have a flowery
background:).

The gender imbalance is much worse than I expected.  I knew there
would be more males than females.  Perhaps even 70% to 30% or 80%/20%.
Nope.  The survey counted 1136 males and 15 females.  Thats only 1% of
respondants.  No wonder I've never been able to impress girls by
saying I am the author of Nmap :).  Does anyone have ideas on how to
improve this imbalance?  Perhaps we could start an outreach program at
the local mall.  Or maybe I could change NmapFE to have a flowery
background:).

This could also be a cultural issue.  In the US at least, boys growing
up are encouraged to aggressively venture out, explore and portscan
their surrounding networks.  While women have traditionally been
ushered into a role centered around maintaining and tending to their
own hosts.

Sorry.  I'm going to stop joking now before I offend people and cause
the number of females to drop even lower :).

Also, I don't think all 15 were really female.  For example, I
question the femininity of the "woman" coming in from a cable modem on
nf.net (if I'm wrong, let me know and I'll apologize).

[ FAVORITE TOOLS ]

I think this has the potential to be very useful.  Hopefully it will
expose some of the great but less-well-known security tools out
there.  Unfortunately I haven't analyzed the results yet.

[ CONFERENCES ]

Here are the conferences list members attend.  I forgot to include
some European conferences like HEU/HIP/CCC .  Sorry for being so US
Centric.  Anyway, here are the total results:

   DEFCON -- 24.1%
   Sans -- 20.8%
   USENIX -- 13.2%
   Blackhat Briefings -- 9.9%
   Hope/Beyond Hope/H2K -- 6.0%
   Toorcon -- 2.0%

I think one of the most striking points about these results is that
H2K is looking pretty obscure.  Considering it is only a month from
now, I think the 2600 crew really needs to start getting the word
out.  I don't even see a speaker list up at h2k.net, and the deadline
for reasonably priced airfair is coming soon.  I realize those guys
have been very busy with the (extremely important) DeCSS case (see
insecure.org for info), but it would be a shamre for this con to be
neglected.  I went to Beyond Hope a couple years ago and had a great
time.


[ GEOGRAPHY ]


5% of the respondants said they live here in the San Francisco Bay
Area.  Maybe we should have a get together/party.  I vote for JWZ's
soon to be opened DNA Loung Club (dnalounge.com), the CoffeeNet
Internet Cafe (coffeenet.com), or Bondage A-Go-Go
(http://www.bondage-a-go-go.com/).  If you know of other cool SF
hacker hangouts, let me know ( fyodor () insecure org ).

[ PREFERRED OS ]

What OS do people use to perform most of their scanning?  Here is how
you guys answered:

  linux       79.0% (965)
  solaris      7.4% ( 90)
  freebsd      4.8% ( 59)
  openbsd      3.9% ( 48)
  unanswered   2.5% ( 31)
  other        0.9% ( 11)
  aix          0.6% (  7)
  netbsd       0.4% (  5)
  irix         0.3% (  4)
  hp-ux        0.1% (  1)


[ PROPOGANDA ]

Of the "nmap propaganda" items (T-Shirts, stickers, etc), Panties were
the least popular.  40% of the females wanted them, but that is only 6
people:).  143 guys asked for paintes.  I hope this is for their
girlfriends and not themselves.  Sorry JP () AntiOnline -- you aren't
eligible!  Some people wanted to know whether the panties were edible
and/or scented :).  

T-Shirts were very popular (55% interested).  If anyone
has good design ideas or can do art, please drop me a line :).  If
your design is chosen you'll be famous :), and get a free T-Shirt.


[ HAT COLOR ]

In case anyone tries to ban Nmap, we should note that the largest
group of users were white hats (43.6%).  Next came gray hats (31.4%).
Only 1 in 10 admitted to being black hats (10.8%).  14.1% did not
answer.

It is interesting to compare the answers of White hats vs. Dark hats
(Black or Gray) to see how they differ.
   
Dark hats seem to use Nmap more frequently -- 36.7% of them use it
every day, compared to 24.9% of whitehats.  Uh oh :).

Dark hats seem to prefer the Free/Open Source operating systems.
Their percentage use of Linux, FreeBSD, and OpenBSD were all higher.
The Solaris percentage was significantly lower ( 5.4% vs 10.4%).


Requested features differed a bit.  The top 3 for white hats were
scripting, .nmaprc, and output to database.  For blackahts, the top
two were speed optimizations, and scripting.  #3 was a tie between
libnmap.so and output to database.

Conference preferences also differ:

The top three conferences for dark hats are:
   Defcon              -- 33.2%
   SANS                -- 17.9%
   Black Hat Briefings -- 14.0%
   SANS   -- 14.4%

White hats seem to prefer:
   SANS   -- 26%
   Defcon -- 19%
   USENIX -- 16.4%

Dark hats were slightly more likely to know each programming language
except LISP and Shell Script.

Dark hats were younger (avg age 26) than whitehats (avg age 30).  The
average for the whole survey was 28.

[ FULL SURVEY RESULTS ]

So you are still reading and want even more info?  Did you care about
one of the questions I didn't discuss?  Well Here are the
full results of each question (except age, which I was too lazy to
deal with, and the favorite tools, which I haven't analyzed yet).


I use Nmap at least ...  (1222 answers; 5 distinct)
  week        45.3% (554)
  day         30.0% (366)
  month       16.7% (204)
  less         6.2% ( 76)
  unanswered   1.8% ( 22)


My use of Nmap is ... (1220 answers; 5 distinct)
  both        49.3% (602)
  job         27.7% (338)
  personal    19.5% (238)
  unanswered   1.9% ( 23)
  neither      1.6% ( 19)


OS I run Nmap on most frequently ... (1221 answers; 10 distinct)
  linux       79.0% (965)
  solaris      7.4% ( 90)
  freebsd      4.8% ( 59)
  openbsd      3.9% ( 48)
  unanswered   2.5% ( 31)
  other        0.9% ( 11)
  aix          0.6% (  7)
  netbsd       0.4% (  5)
  irix         0.3% (  4)
  hp-ux        0.1% (  1)


Platform I run Nmap on most frequently ... (1219 answers; 8 distinct)
  X86         86.1% (1049)
  SPARC        7.5% (  91)
  unanswered   3.0% (  37)
  Other        1.4% (  17)
  PowerPC      0.9% (  11)
  Alpha        0.8% (  10)
  MIPS         0.2% (   3)
  DragonBall   0.1% (   1)


Do you have a working C++ compiler ... (1221 answers; 4 distinct)
  Yes         74.9% (914)
  C++ Sucks!  13.9% (170)
  No           8.5% (104)
  unanswered   2.7% ( 33)


Proposed Feature Opinions:

SOCKS Proxy bounce scanning (SCORE: 0.696; 1218 answers; 5 distinct)
  Somewhat useful       37.3% (454)
  Neutral               22.7% (276)
  No Comment            22.4% (273)
  Extraordinarily cool  16.9% (206)
  A BAD thing            0.7% (  9)


IP.ID Scanning (SCORE: 0.836; 1220 answers; 5 distinct)
  Somewhat useful       35.6% (434)
  Extraordinarily cool  24.3% (296)
  No Comment            22.4% (273)
  Neutral               17.5% (214)
  A BAD thing            0.2% (  3)


Traceroute support (SCORE: 1.043; 1220 answers; 5 distinct)
  Somewhat useful       42.8% (522)
  Extraordinarily cool  33.2% (405)
  Neutral               14.1% (172)
  No Comment             7.5% ( 91)
  A BAD thing            2.5% ( 30)


Integrated MP3 Player (SCORE: -1.065; 1218 answers; 5 distinct)
  A BAD thing           63.8% (777)
  No Comment            13.8% (168)
  Neutral               10.3% (126)
  Extraordinarily cool   9.0% (110)
  Somewhat useful        3.0% ( 37)


Output to Database option (-oD) (SCORE: 1.098; 1218 answers; 5 distinct)
  Somewhat useful       40.1% (489)
  Extraordinarily cool  37.0% (451)
  Neutral               14.1% (172)
  No Comment             6.5% ( 79)
  A BAD thing            2.2% ( 27)


Output to HTML option (-oH) (SCORE: 0.899; 1214 answers; 5 distinct)
  Somewhat useful       38.0% (461)
  Extraordinarily cool  31.0% (376)
  Neutral               19.9% (242)
  No Comment             6.1% ( 74)
  A BAD thing            5.0% ( 61)


Distributed scanning support (SCORE: 0.960; 1212 answers; 5 distinct)
  Extraordinarily cool  40.7% (493)
  Somewhat useful       27.4% (332)
  Neutral               18.0% (218)
  No Comment             7.6% ( 92)
  A BAD thing            6.4% ( 77)


Input via domain name (using zone XFER) (-iZ) (SCORE: 0.761; 1220 answers; 5 distinct)
  Somewhat useful       39.8% (486)
  Extraordinarily cool  21.1% (257)
  No Comment            18.4% (224)
  Neutral               17.8% (217)
  A BAD thing            3.0% ( 36)


Windows NT/2000 port (SCORE: -0.198; 1220 answers; 5 distinct)
  A BAD thing           34.8% (424)
  Neutral               20.7% (252)
  Somewhat useful       19.0% (232)
  Extraordinarily cool  15.3% (187)
  No Comment            10.2% (125)


Windows 95/98 port (SCORE: -0.615; 1218 answers; 5 distinct)
  A BAD thing           47.0% (572)
  Neutral               20.4% (248)
  Somewhat useful       12.7% (155)
  No Comment            10.1% (123)
  Extraordinarily cool   9.9% (120)


PalmOS Port (SCORE: 0.354; 1189 answers; 5 distinct)
  Neutral               30.4% (362)
  Extraordinarily cool  22.3% (265)
  Somewhat useful       18.3% (217)
  No Comment            15.3% (182)
  A BAD thing           13.7% (163)


Faster (speed optimizations) (SCORE: 1.188; 1220 answers; 5 distinct)
  Extraordinarily cool  42.5% (519)
  Somewhat useful       34.5% (421)
  Neutral               16.2% (198)
  No Comment             6.3% ( 77)
  A BAD thing            0.4% (  5)


Solaris Binaries in package format (SCORE: 0.283; 1205 answers; 5 distinct)
  Neutral               44.6% (538)
  No Comment            25.0% (301)
  Somewhat useful       15.9% (191)
  Extraordinarily cool  10.4% (125)
  A BAD thing            4.1% ( 50)


Scripting or module support for application-level probing/vuln testing (SCORE: 1.126; 1219 answers; 5 distinct)
  Extraordinarily cool  41.9% (511)
  Somewhat useful       32.4% (395)
  Neutral               12.0% (146)
  No Comment            11.9% (145)
  A BAD thing            1.8% ( 22)


Improved X Window front end (SCORE: 0.556; 1219 answers; 5 distinct)
  Neutral               37.8% (461)
  Somewhat useful       28.7% (350)
  Extraordinarily cool  18.9% (230)
  No Comment             9.2% (112)
  A BAD thing            5.4% ( 66)


.Nmaprc for storing default scan types, timing, favorite decoys, etc (SCORE: 1.105; 1142 answers; 5 distinct)
  Somewhat useful       43.6% (498)
  Extraordinarily cool  35.6% (406)
  Neutral               11.1% (127)
  No Comment             7.6% ( 87)
  A BAD thing            2.1% ( 24)


libnmap.so C library for pinging/port scanning/os detection (SCORE: 1.018; 1138 answers; 5 distinct)
  Somewhat useful       35.9% (409)
  Extraordinarily cool  34.3% (390)
  Neutral               15.0% (171)
  No Comment            13.4% (153)
  A BAD thing            1.3% ( 15)


Conference choices:

I generally attend/plan to attend DEFCON (1222 answers; 2 distinct)
  No   75.9% (927)
  Yes  24.1% (295)


I generally attend/plan to attend BLACKHAT BRIEFINGS (1222 answers; 2 distinct)
  No   90.1% (1101)
  Yes   9.9% ( 121)


I generally attend/plan to attend HOPE/BEYOND HOPE/H2K (1222 answers; 2 distinct)
  No   94.0% (1149)
  Yes   6.0% (  73)


I generally attend/plan to attend TOORCON (1222 answers; 2 distinct)
  No   98.0% (1198)
  Yes   2.0% (  24)


I generally attend/plan to attend USENIX (1222 answers; 2 distinct)
  No   86.8% (1061)
  Yes  13.2% ( 161)


I generally attend/plan to attend SANS (1222 answers; 2 distinct)
  No   79.2% (968)
  Yes  20.8% (254)


Propaganda choices:

I might be interested in purchasing T-SHIRTS (1222 answers; 2 distinct)
  No   54.6% (667)
  Yes  45.4% (555)


I might be interested in purchasing PANTIES (1222 answers; 2 distinct)
  No   87.8% (1073)
  Yes  12.2% ( 149)


I might be interested in purchasing STICKERS (1222 answers; 2 distinct)
  No   79.8% (975)
  Yes  20.2% (247)


I might be interested in purchasing SCANNING SERVICE (1222 answers; 2 distinct)
  No   85.8% (1048)
  Yes  14.2% ( 174)


Misc.

Gender (1220 answers; 3 distinct)
  Male        93.1% (1136)
  unanswered   5.7% (  69)
  Female       1.2% (  15)


Hat Color (1218 answers; 4 distinct)
  white       43.6% (531)
  gray        31.4% (383)
  unanswered  14.1% (172)
  black       10.8% (132)


Live in San Francisco? (1215 answers; 3 distinct)
  No          88.3% (1073)
  unanswered   6.7% (  81)
  Yes          5.0% (  61)


Read the man page? (1213 answers; 5 distinct)
  Yes -- And I thought it was quite useful     69.0% (837)
  Yes -- But it was unclear/needs improvement  11.0% (134)
  No -- I have not had a chance                 9.2% (111)
  No Comment                                    8.6% (104)
  No -- What the hell is a man page?            2.2% ( 27)


Programming language choices:

I have programmed in C (1222 answers; 2 distinct)
  Yes  69.9% (854)
  No   30.1% (368)


I have programmed in C++ (1222 answers; 2 distinct)
  No   51.9% (634)
  Yes  48.1% (588)


I have programmed in Perl (1222 answers; 2 distinct)
  Yes  59.8% (731)
  No   40.2% (491)


I have programmed in Shell Script (1222 answers; 2 distinct)
  Yes  63.3% (774)
  No   36.7% (448)


I have programmed in TCL (1222 answers; 2 distinct)
  No   81.0% (990)
  Yes  19.0% (232)


I have programmed in Lisp (1222 answers; 2 distinct)
  No   88.3% (1079)
  Yes  11.7% ( 143)


I have programmed in Scheme (1222 answers; 2 distinct)
  No   93.3% (1140)
  Yes   6.7% (  82)


I have programmed in Python (1222 answers; 2 distinct)
  No   88.2% (1078)
  Yes  11.8% ( 144)


I have programmed in Other (1222 answers; 2 distinct)
  Yes  54.5% (666)
  No   45.5% (556)




  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]