Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Do I have any chance???Please advise...
From: Gulshan Kumar <gulshan.yaadav () gmail com>
Date: Mon, 28 Mar 2011 14:51:17 +0530

Hi I am Gulshan(irc handle:-drake01)
I am a second year student persuing Computer Science and Engineering from
India.
I know C, C++, python well. Learnt LUA as suggested by Nmap project ideas
list. Have basic ideas about Computer Networks (how networks work and knows
socket programming). Not tried to code anything for nmap by now.
Currently trying to understand the code of NMAP source code and preparing
project idea for nmap project.
I joined the mailing list a bit late, actually quite late (because of some
unavoidable personal reasons).

I wanted to know following things from all of you (especially
administrators),

Q1-Where do I stand?? Am I too late for participating in GSOC2011 with nmap
as mentor??
Q2-Am I following the right path (based on the steps which I am following,
mentioned above)??

 Please help me giving your valuable views about what changes should I make
in my current routine and what should I focus more on while preparation.
Criticism or suggestions are  welcome!!!

On Mon, Mar 28, 2011 at 8:06 AM, <nmap-dev-request () insecure org> wrote:

Send nmap-dev mailing list submissions to
       nmap-dev () insecure org

To subscribe or unsubscribe via the World Wide Web, visit
       http://cgi.insecure.org/mailman/listinfo/nmap-dev
or, via email, send a message with subject or body 'help' to
       nmap-dev-request () insecure org

You can reach the person managing the list at
       nmap-dev-owner () insecure org

When replying, please edit your Subject line so it is more specific
than "Re: Contents of nmap-dev digest..."


Today's Topics:

  1. GSoC Candidate Intro and Project Discussion
     (Dautenhahn, Nathan Daniel)
  2. Re: Question about GSoC Application (Toni Ruottu)
  3. Re: nmap in GSoC - student idea (David Fifield)
  4. Re: Duplicate hosts detection with ssh-hostkey (David Fifield)
  5. Re: Idea for Nmap Gsoc 2011 (David Fifield)
  6. Re: Ideas for NSE IPv6 (David Fifield)
  7. Re: Greetings from Spain (Anubis LD)
  8. Re: [GSOC] ncat gui idea (David Fifield)
  9. GSoC URL (David Fifield)
 10. Re: Possible bug report - nmap scan elapsed time changes into
     negative time (Daniel Miller)


----------------------------------------------------------------------

Message: 1
Date: Sun, 27 Mar 2011 16:46:14 -0500
From: "Dautenhahn, Nathan Daniel" <dautenh1 () illinois edu>
Subject: GSoC Candidate Intro and Project Discussion
To: "nmap-dev () insecure org" <nmap-dev () insecure org>
Message-ID: <20516802-3D44-42AE-A4C9-3BF7EC737714 () illinois edu>
Content-Type: text/plain; charset="us-ascii"

Hey All-

My name is Nathan Dautenhahn. I am a second year PhD student at the
University of Illinois at Urbana-Champaign and am interested in working with
the Nmap project for GSoC 2011. With this message I would like to get to
know some of the devs, as well as outline my initial thoughts for the
project.

I would like to participate in the enhancement of Nmap's IPv6 capabilities.
As I'm a researcher, I'm inclined to tackle more complex problems such as OS
detection. I have previous experience in using statistical packet analysis
to perform classification of encrypted traffic.

At this point I still need to specify in greater detail my ideas and scope
for the project, but figured it would be good to start here to make sure
that I'm getting the right feedback throughout the process. I will say I
don't know how current IPv4 host detection occurs, and assume that I should
start there. The following lists an initial approach I would take in order
to develop host detection:


 *   Review IPv4 host recognition techniques and other literature on the
subject
 *   Review IPv6 RFC Specification
 *   It seems as though host detection is very specific to the OS and other
implementation specific issues, and as such profiling the different systems
seems like a good first step. I would manually review packet traces from
each OS in order to find any unique state produced by the system.
 *   Review other state output visible to the network. This task would be
focused on exposing any unexpected state that could be used for host
detection.
 *   After manually analyzing these traces and other output from the hosts
I would start to develop some type of classification of different types of
data we find valuable in performing host recognition.
 *   Would need to analyze and define what type of pattern/classification
technique we will use.
 *   The next thing would be to build some type of initial prototype and
see how it does.
 *   Then make modifications and recurse over testing and modification
until the application performs as desired.

Like I said this is a very raw initial approach. Please provide any
feedback to point the project in a direction that would better serve Nmap.

I have a few questions:

 *   What is the potential for publication coming from this work? Would
Nmap be okay if attempted this, and would there be interest from Nmap to
participate in this?
 *   Is this too advantageous of a project, or would I also need to add in
some other work?

Additionally, the following link returns a 404 error:
http://socghop.appspot.com/gsoc/org/home/google/gsoc2011/nmap

As well as:
http://www.google-melange.com/gsoc/org/home/google/gsoc2011/nmap

These are the application and application template links.

Thanks,
::nathan::


------------------------------

Message: 2
Date: Mon, 28 Mar 2011 00:50:15 +0300
From: Toni Ruottu <toni.ruottu () iki fi>
Subject: Re: Question about GSoC Application
To: Nick Nikolaou <nikolasnikolaou1 () gmail com>
Cc: nmap-dev () insecure org
Message-ID:
       <AANLkTi=RoxOgfftBE1Kvest9kM2wZHhjoBJzU+eFkCMZ () mail gmail com>
Content-Type: text/plain; charset=ISO-8859-1

I think the idea was to pick scripts that the applicant considers
important, and feels comfortable doing. It does not make sense to say
"these are the top-3 scripts" and have everyone write them down in
their applications. The scripts one wants to work on should match the
skills one mentions in the application, and the applicant should be
able to write down why he thinks those scripts are important to him,
or to others.

Also I think the application does not need to be exactly what one is
going to work on. It is supposed to describe understanding,
suitability, and involvement. It is probably ok to do some adjustments
to those plans during the summer. At least this is the impression I
got from what was said earlier.

On Mon, Mar 28, 2011 at 12:12 AM, Nick Nikolaou
<nikolasnikolaou1 () gmail com> wrote:
Hello everyone,

I was going through the application template and I was wondering to which
extend does that project proposal question (expected timeline,milestones)
apply to NSE script developers.

From my point of view, the objective would be to research and implement
as
many useful scripts as time allows. Are there any scripts that you
consider
milestones and/or any specific deadline requirements?

Thanks,
Nick
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/



------------------------------

Message: 3
Date: Sun, 27 Mar 2011 14:51:04 -0700
From: David Fifield <david () bamsoftware com>
Subject: Re: nmap in GSoC - student idea
To: Hiemanshu Sharma <hiemanshu () gmail com>
Cc: "nmap-dev () insecure org" <nmap-dev () insecure org>
Message-ID: <20110327215104.GU303 () gusto bamsoftware com>
Content-Type: text/plain; charset=us-ascii

On Fri, Mar 25, 2011 at 04:42:12PM +0530, Hiemanshu Sharma wrote:

1) Updating everything to current python and Qt (and also lay
foundation for a python 3 port)

What do you mean by "current Python"? We use the most recent Python 2.6
and PyGTK as far as I know. We don't use Qt at all. If we move to
Python
3, we would abandon the Python 2 code completely (unless we can make
the
same code work on both)--we don't want to maintain two copies of the
program.

I am planning to redesign it in PyQt because for one the libs in GNOME 3
are
going to change, and you would have to maintain two copies for it if you
want to support both (Qt works on all 3 OSes much better than GTK does
and
also supports mobile devices)

I can only speak for myself, but it's going to take some pretty
compelling evidence to convince me that rewriting Zenmap with PyQt is a
good idea. (In other words, it's not likely.) The other mentors probably
feel the same way. Doing that job alone will probably take all summer,
trading new compatibility problems and bugs for few benefits.

I'm not trying to put your idea down, just trying to give you realistic
expectations of how proposals will be evaluated.

It may seem contradictory for me to say this, but I wouldn't be opposed
to Zenmap's GUI being rewritten completely, however it would have to
proceed from someone with a clear, unified design that removes Zenmap's
current UI infelicities. It couldn't just be a straight port of the
current UI.

David Fifield


------------------------------

Message: 4
Date: Sun, 27 Mar 2011 15:05:56 -0700
From: David Fifield <david () bamsoftware com>
Subject: Re: Duplicate hosts detection with ssh-hostkey
To: Henri Doreau <henri.doreau () greenbone net>
Cc: nmap-dev <nmap-dev () insecure org>
Message-ID: <20110327220555.GV303 () gusto bamsoftware com>
Content-Type: text/plain; charset=us-ascii

On Fri, Mar 25, 2011 at 07:15:12PM +0100, Henri Doreau wrote:
Hello,

please find attached a patch for ssh-hostkey.nse. It adds a postrule
to the script, that checks for IP addresses using the same hostkey(s)
and report possible duplicate hosts.

Thanks, that's a good idea. I have committed it.

David Fifield


------------------------------

Message: 5
Date: Sun, 27 Mar 2011 15:20:34 -0700
From: David Fifield <david () bamsoftware com>
Subject: Re: Idea for Nmap Gsoc 2011
To: Anil Pradyumna Chakicherla <pradyumnanil89 () gmail com>
Cc: nmap-dev () insecure org
Message-ID: <20110327222033.GW303 () gusto bamsoftware com>
Content-Type: text/plain; charset=us-ascii

On Sat, Mar 26, 2011 at 12:46:39PM +0530, Anil Pradyumna Chakicherla wrote:
I would like to develop an addition to nmap by filtering the IP
spoofing using the interdomain packet filtering using a C++ and i have
already developed the skeleton on java so i can implement it onto the
nmap circuit...

Hello Anil, thanks for writing. If you're interested in applying for the
Summer of Code, please see these pages:
       http://www.google-melange.com/gsoc/org/home/google/gsoc2011/nmap
       http://nmap.org/soc/
       http://nmap.org/soc/GeneralRequirements.html
       http://nmap.org/soc/apply.html

We'll need mroe information to help you with your proposal--from what
you wrote above I don't know what it is. Nmap isn't usually a filtering
program--are you thinking of a firewall or IDS? Is your Java skeleton
online somewhere where we can see it?

David Fifield


------------------------------

Message: 6
Date: Sun, 27 Mar 2011 15:25:14 -0700
From: David Fifield <david () bamsoftware com>
Subject: Re: Ideas for NSE IPv6
To: nmap-dev <nmap-dev () insecure org>
Message-ID: <20110327222514.GY303 () gusto bamsoftware com>
Content-Type: text/plain; charset=us-ascii

On Sun, Mar 27, 2011 at 10:46:17AM +0100, Djalal Harouni wrote:
I just got a link to this tool: http://www.thc.org/thc-ipv6/ by THC.
To quote THC: "A complete tool set to attack the inherent protocol
weaknesses of IPV6 and ICMP6 ..." [1], the tool is under GPL v3.

I have tried that toolset. The alive6 tool has good ideas for multicast
host discovery. I put it with other ideas in my IPv6 notes:
       svn cat svn://svn.insecure.org/nmap-exp/david/ipv6/notes.txt

David Fifield


------------------------------

Message: 7
Date: Mon, 28 Mar 2011 00:27:53 +0200
From: Anubis LD <livingdeaddivision () gmail com>
Subject: Re: Greetings from Spain
To: nmap-dev () insecure org
Message-ID:
       <AANLkTim6n=-caKfktJMWa1H00ALWEvcyb1O6OkY=f_M4 () mail gmail com>
Content-Type: text/plain; charset=ISO-8859-1

2011/3/27 David Fifield <david () bamsoftware com>


Hi Sergio, thanks for writing. My advice is to write an application and
do the best you can at showing your skills. Even if you are not
accepted, it is good practice, and if it is a serious proposal it's not
a waste of the reviewers' time. You can always try to gain a little
experience by writing some small patch, or fixing a bug, or writing a
new script. That's a good way to get involved with Nmap or another free
software project.

David Fifield



Hi David, many thanks for your answer and advice. Some days suscribed to
the
list and reading the work of the people has show me that sure it?s still
soon for me. I?m very unexperienced compared to the rest of the people that
are writing for giving ideas, so I will take your advice, I will write the
application to know how do it in a good way and I will try to get more
involved to be ready, a little more experienced and with better ideas, for
the next GsC.

Thanks again,

--
Sergio
<http://www.flickr.com/photos/livingdeaddivision/>


------------------------------

Message: 8
Date: Sun, 27 Mar 2011 15:44:29 -0700
From: David Fifield <david () bamsoftware com>
Subject: Re: [GSOC] ncat gui idea
To: Shinnok <admin () shinnok com>
Cc: nmap-dev () insecure org
Message-ID: <20110327224429.GZ303 () gusto bamsoftware com>
Content-Type: text/plain; charset=us-ascii

On Sun, Mar 27, 2011 at 01:45:33PM +0300, Shinnok wrote:
I would like to probe my idea for this GSOC iteration
for nmap against the nmap-dev list. What I am thinking
about is a GUI for Ncat, written in native C++ code
and Qt.

It doesn't interface with ncat currently, though it's enough for
a gui idea poc. The interfacing with netcat i'm planning to do it via
UNIX pipes, either manually using dupes or libc popen() on *NIX,
and _popen() on Windows *.*. Another choice for interfacing agains
ncat would be to link against ncat's object files, though this effort
would be more valuable in the case of Nmap(see bellow).

Hello Shinnok. Thanks for writing and for explaining your ideas in
detail.

Will the GUI support some advanced uses that use features of the shell?
To me, one of the best features of Netcat is that it behaves well as a
shell program. For example, "Chain Ncats Together" from
http://nmap.org/ncat/guide/ncat-tricks.html, and "Transfer a disk image
with compression" from
http://nmap.org/ncat/guide/ncat-file-transfer.html.

Another reason that i am sending this e-mail is to probe the nmap's
team and community need for a new GUI for nmap. The ideas pointed
in this e-mail for Ncat were originally devised by me for a brand new
interface for Nmap that I would want and need. While I do realize
that Yet Another Gui(YAG) for Nmap would create fragmentation, it's the
kind of fragmentation that keeps open source *secure* and diverse.
Thus, what do you think about the same ideas written above, but applied
for Nmap(add the mobile and embedded advantages of Qt on top)?

A Summer of Code project to make a new GUI is very unlikely. I think
people underestimate the amount of effort that goes into it.

David Fifield


------------------------------

Message: 9
Date: Sun, 27 Mar 2011 16:55:58 -0700
From: David Fifield <david () bamsoftware com>
Subject: GSoC URL
To: "Dautenhahn, Nathan Daniel" <dautenh1 () illinois edu>
Cc: "nmap-dev () insecure org" <nmap-dev () insecure org>
Message-ID: <20110327235558.GA303 () gusto bamsoftware com>
Content-Type: text/plain; charset=us-ascii

On Sun, Mar 27, 2011 at 04:46:14PM -0500, Dautenhahn, Nathan Daniel wrote:
Additionally, the following link returns a 404 error:
http://socghop.appspot.com/gsoc/org/home/google/gsoc2011/nmap

As well as:
http://www.google-melange.com/gsoc/org/home/google/gsoc2011/nmap

These are the application and application template links.

Thanks for letting us know about that. Hopefully it is only temporary;
the Summer of Code infrastructure software (called Melange) was just
upgraded this weekend. This URL seems to be working:
       http://www.google-melange.com/gsoc/org/google/gsoc2011/nmap
Unfortunately it's not showing the application template at the moment.
I'll check on it again tomorrow.

David Fifield


------------------------------

Message: 10
Date: Sun, 27 Mar 2011 21:36:18 -0500
From: Daniel Miller <bonsaiviking () gmail com>
Subject: Re: Possible bug report - nmap scan elapsed time changes into
       negative time
To: nmap-dev () insecure org
Message-ID:
       <AANLkTimYuzqxD9sVifvwo-gLEYJ_Yjs+NCeFaoU6nzYv () mail gmail com>
Content-Type: text/plain; charset="iso-8859-1"

On 3/27/11, David Fifield <david () bamsoftware com> wrote:
On Fri, Mar 25, 2011 at 09:01:47AM -0500, Daniel Miller wrote:
I looked into this some more. The particular function that affects
that output line is NmapOps::TimeSinceStartMS, which returns an int
generated with the TIMEVAL_MSEC_SUBTRACT macro #defined in
nbase/nbase.h:

#define TIMEVAL_MSEC_SUBTRACT(a,b) ((((a).tv_sec - (b).tv_sec) * 1000)
+ ((a).tv_usec - (b).tv_usec) / 1000)

The overflow happens when the difference in seconds is multiplied by
1000. Interestingly, the TIMEVAL_SEC_SUBTRACT macro:

#define TIMEVAL_SEC_SUBTRACT(a,b) ((a).tv_sec - (b).tv_sec +
(((a).tv_usec < (b).tv_usec) ? - 1 : 0))

returns seconds, and does not suffer from this overflow. A quick grep
through the source for calls to TimeSinceStartMS:

$ find . \( -name .svn -prune -false \) -o -print0 | xargs -0 grep -H
--color TimeSinceStartMS

shows that in only one case is the return value NOT divided by 1000.0
(which casts it to a float). The one case is an assignment to the
starttimems attribute of the OsScanInfo class, which is only used one
place (divided by 1000.0).

I'm attaching a patch that adds a function, NmapOps::TimeSinceStartS,
which returns a float. It does this using a new macro,
TIMEVAL_FSEC_SUBTRACT, that results in a floating-point difference in
seconds, which is the most common case. After converting all the calls
to use this function, I can no longer find any calls to
TimeSinceStartMS, but I left it in anyway. I tested this patch with a
-A -T5 -vv -dd scan of my /24 subnet, and saw no issues.

Thanks Daniel, this is a good idea. Make a few changes and I'll commit
it:
      Rename TimeSinceStartS to TimeSinceStart.
      Rename starttimes to starttime.
      Remove TimeSinceStartMS.

David Fifield

I made the changes you suggested, and attached the patch.

Dan
-------------- next part --------------
A non-text attachment was scrubbed...
Name: floattime.diff
Type: text/x-diff
Size: 7454 bytes
Desc: not available
URL: <
http://cgi.insecure.org/mailman/private/nmap-dev/attachments/20110327/f637dc6d/attachment.bin


------------------------------

_______________________________________________
nmap-dev mailing list
nmap-dev () insecure org
http://cgi.insecure.org/mailman/listinfo/nmap-dev


End of nmap-dev Digest, Vol 72, Issue 72
****************************************




-- 
Gulshan Kumar.
2nd Year, B.Tech
Computer Science and Engineering
NIT Trichy.
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]