Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: What languages/toolkit to use for the new GUI?
From: Manu Garg <manugarg () gmail com>
Date: Tue, 7 Jun 2005 17:23:03 -0400

I vote for Python. 

Reasons - 

1. Fast development - Very intuitive language, lots of libraries and
extremely active community.
2. Cross-platform.
3. Has a good history with applications like WinCVS.
4. Open Source.

I like to avoid java as much as possible. It has many and rather
bigger issues f.e. slow startup and getting hung anytime without any
clue.

cheers,
~manu

On 6/7/05, Adam Jones <ajones1 () gmail com> wrote:
Actually if you look at the archives a bit, I've made a fairly detailed
outline of the features I intend to implement in my web based proposal
(under the "Nmap GUI" subject).

Now, my goal isn't to replace the role of a standalone GUI app in any
respect - this is a tool for people or institutions that routinely scan a
network over a long period of time and like to know what's listening on
which machines on their network, or when something new starts
listening...without having to keep tons of text/xml files around and
perform manual diffs of them.  I'd contend that my goals would be MUCH more
easily implemented and utilized in a central, web-based environment than as
a standalone application.

I'd also contend that most people likely to deploy an application of this
nature would already have a web server running in some capacity somewhere
for internal purposes.  The fact that the web server it runs on is
potentially vulnerable is also to an extent irrelevant for that reason.
Maintaining said web server would (hopefully) already be an exercised
practice.  As far as the security aspect of the tool itself goes, such a
tool would ideally be deployed with proper precautions taken to isolate it
from unsafe networks and internal threats (behind appropriate firewalls,
access controlled, etc).

Will

So do you intend this to be entirely an analysis tool or would it also
execute the scans? I can see where having a central place that
everyone can load nmap xml result files to would be useful. Asking
people to run nmap scans from their web server might be a little bit
much though.

My $.02: Concentrate on data analysis and imports from every possible
source. Forget about running scans from the server. Maybe even
consider setting advanced access permissions where one group can
specify what and how much of their data another group can see.

-Adam


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev



-- 
Manu Garg
http://manugarg.freezope.org
"Truth will set you free!"


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]