Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: Socat
From: Andreas Ericsson <ae () op5 se>
Date: Fri, 17 Jun 2005 00:06:35 +0200

Fyodor wrote:
On Thu, Jun 16, 2005 at 08:17:54PM +0200, Andreas Ericsson wrote:

More like sitting in a wheelchair and building surfboards for no-one in 
particular.

True. Student projects tend to lean somewhat toward intellectual 
masturbation. Let's just hope they don't get carried away with their own 
cleverness.


Just because you don't like to surf, doesn't make surfboards useless.
Sorry for continuing the bad analogy, but the programs are _at least_
ones that *I* would like to use, if no one else.  I spent the summer
of 1997 at Johns Hopkins University, and gave myself a summer project:
write a new and improved port scanner to extend and reinterpret the
excellent but aging and barely maintained strobe.  You may call that
intellectual masturbation or getting carried away with my own
cleverness if you like, but I think the Nmap project has turned out
pretty well.


Yup. Works like a charm. :)

netcat has several (maintained) incarnations though, and part of its 
charm is that it keeps everything so absolutely super-simple (the 
original netcat actually only had "main()" which consisted of some 2000 
lines of code and still managed to be somewhat elegant). Adding 
certificate logons, 2048-bit encryption, cryptographically sound hashing 
and public-key authentication will just make it messy without 
accomplishing all that much. Do we really need to re-invent ssh?

I wrote Nmap to suit my own needs, and was glad that other people
found it useful as well.  In the same way, my proposals for the Nmap
SoC projects are what I would like to see and use.  And judging by the
hundreds of applications for 5-10 sponsorship slots, many other people
are excited about the prospect as well.  Just because a project
doesn't push all of your buttons, doesn't make it useless.

Something worth while would be write a testing engine for 
vulnerabilities to serially try various exploits on a wide range of 
hosts.


And you were so worried that the revised Netcat would be abused by
script kiddies??!  You declared that "spending quality coding time so
that juvenile idiots ... have a means of quickly doing something
non-constructive and possibly illegal is not my idea of fun."


Yes, I did. That was because the original poster proposed so adamantly 
that the code must be portable to windows, since it was often needed as 
a backdoor program there. Implementing all the features (cryptohashing, 
keys, yada yada) and still keeping it portable to windows will be a 
maintainer night-mare. Living that nightmare for the benefit of 
script-kiddies is something I don't wish upon my worst enemy.

The exploit testing engine would not only work for the shy side of the 
community but would also have a very wide legitimate use, and would put 
a hefty amount of pressure on the large software companies and 
distributors to release patches quickly when security weaknesses are 
found. Once the exploit is in the fingerprint database their customers 
will suffer. Suffering customers are fairly often a bit miffed about the 
whole thing, and tend to take such things in a thoroughly 
non-philosophical way.

But seriously -- student absolutely do not need to go by my
proposals.  They can (and some have) propose something totally new or
a major modification of one of these proposals.  And if I think the
proposal rocks, I'll try to get it sponsored.  You need to be a
student for this particular opportunity, and the app deadline has
passed, but if there is something someone really wants to see ... send
me (or nmap-dev) a detailed proposal!  If it looks good, I'll run it
by the applicants and see if any are interested.  I probably will add
at least a couple more projects, if I can think them up.  But it will
have to be in the next few days, as the acceptance deadline is next
Friday.


Unfortunately I put the scholars' world behind me nine years ago, and as 
I've already stated in a reply to madhat I'm bound by contract not to 
publish code or designs which can be used for anything nasty.

Remember the major limitations though: it has to be doable by 1
talented student in 2 months.  And I try to propose things that can be
mostly done outside of Nmap's core source code, 'cause having 10
people all trying to hack the Nmap innards would be a mess.  Yet it
still has to be somewhat Nmap related.


I'm strongly in favour of the capability to demand-load modules, but I 
guess I've communicated that at least twice already (in other postings), 
so I'll just shut up now and go about starting my vacation. Don't be 
terribly offended if I don't reply for the next two weeks.

-- 
Andreas Ericsson                   andreas.ericsson () op5 se
OP5 AB                             www.op5.se
Lead Developer


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault