Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Nmap Development: Re: LAN/WAN Configuration Management

Re: LAN/WAN Configuration Management

From: kx <kxmail_at_gmail.com>
Date: Mon, 3 Oct 2005 22:22:59 -0400

I have been looking at some of this.

On the XML part, I think it is a bad idea to add SVG to the nmap
output, but instead use the current XML output and transform it into
whatever you want, HTML, SVG, CSV, etc.... The XML as-is already
gives a lot of power, and I have been toying with XSLT, SVG and HTML
already with neat results.

As for network mapping, Fyodor has plans to add traceroute
functionality to nmap; it is in his original XML proposal:
http://seclists.org/lists/nmap-dev/2000/Jul-Sep/0038.html

I've been looking at ways to visualize a format like this, and now I
am curious what suggestions this list may propose, and which approach
the largest group would fine most useful.

1st approach: Use XSLT on the XML output to create a DHTML + SVG page
that will render in a browser. I believe I would have to use
javascript to do most of the graph placement. While I truly like this
approach, and I am trying to think of a "lite" version of a graph
visualization to be added to the current XSLT file, I worry SVG is
still not tremendously adopted, and the last thing I want to do is
heavy graph work in XSLT and javascript.

2nd approach: Use a C++ or Perl wrapper to AT&T's graphviz (
http://www.graphviz.org/ ) to do the tough graph work, then export to
DHTML + SVG, or DHTML + PNG, or PNG, or etc...

This is what scapy ( http://www.secdev.org/projects/scapy/ ) does for
its maps as well as many others. I like this approach a lot for
robustness and portability, but the downside is the external library
dependency.

3rd approach: New complete standalone viewer - seems excessive, but
perhaps this list will think otherwise.

Wouldn't mind a few suggestions, or if anyone wanted to beat me to the
punch on these ideas, as grad studies are taking up more of my hobby
time than I had planned.

Thanks,
  kx

On 10/3/05, Nils Magnus <magnus_at_linuxtag.org> wrote:
> Re,
>
> On Mon, Oct 03, 2005 at 02:29:09PM -0400, Fred Eisele wrote:
>
> > I would like to see a stronger xml presence in nmap, as I feel that would
> > make it easier to integrate nmap into such a mechanism
> > In particular, I would like to see/develop...
> > - some nice graphical output (in svg)
>
> I'd love to see something like that as well, but don't underestimate the
> comlexity of such a task. In fact this applies to several of your
> suggestions: In my opinion, one of the key factors for nmap's success is
> the very general approach; nmap does not make much assumptions about the
> environment it scans.
>
> If you try to draw network maps automatically, usually they are not much
> better help compared to the text form, since graph placing/routing seems
> to be a rather complex task. However, I do not intend to keep you from
> developing something like that.
>
> > Have you considered making use of a "proper" xml dom
> > library (e.g. libxml2, xerces) rather than the roll-your-own technique?
> > This could make the -append-output problem quite a bit easier to handle.
>
> Well, that is right, but earlier discussion also showed that some people
> like the XML approach, but some don't use that at all. Again, I am not
> sure if sacrificing part of that generalistic approach is a good idea.
>
> We are alredy at a point where complexity is obviously an issue for
> nmap, even in the core functionality. I those propose to implement such
> ideas "around" the vanilla nmap.
>
> > It would be helpful if the master file described certain missing information.
> > For example, the routing tables.
> > Anyway, the question, I guess, is whether nmap could use that information
> > to do a better job of scanning?
>
> Hm, effectivly nmap just distinguishes between layer-2 connected and
> layer-3+ connected networks. To assess information about some network
> infrastructure, the routing table and other stuff you usually asses with
> traceroute/tcptraceroute etc. is very helpful, if not crucial for such
> tasks. It is very tempting to try to integrate that information into
> nmap, but the complexity threat comes quickly in there, again.
>
> Regards,
>
> Nils Magnus
> Program-Chair LinuxTag 2005 Free Conference Program
>
> LinuxTag 2005: Where .com meets .org - magnus_at_linuxtag.org
>
>
> _______________________________________________
> Sent through the nmap-dev mailing list
> http://cgi.insecure.org/mailman/listinfo/nmap-dev
>

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Received on Oct 03 2005

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos