|
Nmap Development
mailing list archives
RE: Generating Graphical Diagrams/Maps from Nmap output
From: "Sina Bahram" <sbahram () nc rr com>
Date: Mon, 22 May 2006 01:16:46 -0400
I would recommend that certain graphing algorithms be used to help
with this.
For example: couldn't minimum spanning trees be used to isolate subnets if
the initial graph is setup correctly?
Take care,
Sina
-----Original Message-----
From: nmap-dev-bounces () insecure org [mailto:nmap-dev-bounces () insecure org]
On Behalf Of Nils Magnus
Sent: Sunday, May 21, 2006 11:53 AM
To: Fyodor
Cc: nmap-dev () insecure org
Subject: Re: Generating Graphical Diagrams/Maps from Nmap output
Re,
On Fri, May 19, 2006 at 07:31:56PM -0700, Fyodor wrote:
If you have any interest in such a tool, now is a good chance to pipe
in with features you would like to see, implementation ideas, etc.
My greatest concern is the display of network structures. I have seen many
tools that just draw nodes (routers or leaf systems) and edges between them.
Cheops is such a tool. Especially in firewall and trickier router situations
this is not enough.
At least to me it is of high importance that the subnet structure of a
network is rendered. Think of scanning a C-class type network you don't know
in the first place 192.168.66.0/24. Assume the .0, .127, .128, .191, .192,
and .255 returning multiple responses, so the experienced watcher of nmap-TV
immediately suspects that there are in fact three subnets 192.168.66.0/25,
192.168.66.128/26, and 192.168.192/26 (and proves that by issuing manual
traceroute-probes). Assume further that there are active hosts .50, .100,
.150, and .200. The last hop (the interface to our direction) has the IP
10.10.10.10.
Unfortunately, most tools will draw something like that:
+-------------+
| 10.10.10.10 |
+-------------+
/ | | \
192.168.66.50 .100 .150 .200
which is not the whole truth. I'd like to see a picture like
|
+---10.10.10.10---+
| |
+-|-------|-----|-+
.1| .129| |.193
192.168.66.0/25 |------------| | |-------------| 192.168.66.192/26
.50| .100| | | .200
X X | X
|
192.168.66.128/26 |--------|
|.150
X
I hope you get the idea. Unfortunately it is not always (easily, from a
single source) possible to deduce if there is actually a smaller subnet in
all cases. However, I'd like to see the option included to be able to
display such graphs once this information is available.
This means storing information about IPs and their connection is not
sufficent, the subnet (identified by it's mask) has to be taken into account
as well.
I just pointed that out in this stage of the development since I think that
later changes are very difficult.
HTH,
Regards,
Nils Magnus
Program-Chair LinuxTag 2006 Free Conference Program
LinuxTag 2006: Where .com meets .org - magnus () linuxtag org
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
 By Date 
By Thread
Current thread:
- <Possible follow-ups>
- RE: Generating Graphical Diagrams/Maps from Nmap output Sina Bahram (May 22)
|
