Hi
I already started hacking on it... I almost have it integrated in
ultra_scan, if I have any questions should I write to this list or to
the hackers list?
Best regards,
Pablo
El jue, 05-01-2006 a las 00:33 -0800, Fyodor escribió:
> On Sun, Jan 01, 2006 at 06:14:50AM +0100, Pablo Fernandez wrote:
> >
> > As a gift for this new year I just finished coding a patch for the
> > latest stable release of nmap (3.95). Just like the Idle scan, this one
> > also sends 0 packets to the target from the true IP address (although is
> > not as cool as the Idle scan, bummer =P ).
>
> Thanks, Pablo. Users request "proxy scan" on a fairly regular basis.
> It was ranked #14 out of 22 in the 2003 Nmap survey
> (http://seclists.org/lists/nmap-hackers/2003/Apr-Jun/0011.html).
> We'll see how it does in the 2006 survey, which should be announced
> within a month.
>
> Even a patch which isn't integrated into Nmap is useful in that users
> can always apply it and use it themselves. That is the beauty of open
> source! I would certainly consider integrating a well-written proxy
> patch which:
>
> o Can handle both SOCKS and HTTP proxies
> o Handles proxy chaining gracefully
> o Scans the ports in parallel, ideally using the existing ultra_scan()
> infrastructure.
> o Includes documentation (diff of docs/nmap_manpage.xml)
> o Is coded carefully to avoid buffer overflows or any other security
> problems. It also must be efficient and accurate.
> o Tested on UNIX and Windows
>
> If someone wants to construct such a patch, you are certainly welcome
> and encouraged to do so!
>
> Cheers,
> -F
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Received on Jan 05 2006
Intro
