Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: Student interested in Gsoc (Nmap Cloud Scanning Platform)
From: alexandru <alex () hackd net>
Date: Tue, 3 Apr 2012 16:05:19 -0700

On 2012-03-24, at 8:50 AM, David Fifield wrote:

On Wed, Mar 21, 2012 at 10:27:08AM -0500, Daniel Sarmiento Suarez wrote:
Hello, I am writing to this list as have not received any replies on
the Soc mailing list

I am a student interested in participating in this year's Google
Summer of Code.

I have been looking at the ideas page, and believe that I will be able
to help in completing the  Nmap Cloud Scanning Platform,as it is
developed in Python and uses the Django framework.

I would really appreciate if I could get some information regarding
this project (I have already downloaded the source code), in order to
submit a good proposal.

I don't know much about the cloud scanner in particular, but you can
take a look at Alexandru's status reports from when he wrote it.

http://seclists.org/nmap-dev/2010/q2/author.html#author_alexandru
http://seclists.org/nmap-dev/2010/q3/author.html#author_alexandru

Downloading the source code shows good initiative. It will be valuable
if you can keep notes as you use it as to what was hard to do or what
doesn't make sense. It's helpful when someone with fresh eyes tries out
a project and makes such suggestions.

Feel free to ask me any questions you might have, too. I have a few things in mind about what could be done, from my 
own list of things I've been meaning to do (and putting off for far too long):

* updates
    - latest Django (1.4) with timezone support migration
    - everything else, investigate 'bit rot'
    - for ease of development, my first step was going to be to setup and configure a Vagrant[1] image with all the 
bits and pieces needed so it's easier for someone else to come in and develop; you'll probably feel some pain with the 
install doc, as it's meant for CentOS 5.5 and might be different for COS 6.2 (but we really should move it to the 
latest version)


* make app into an API; decouple and rewrite the front-end
    - I'm a big proponent of REST/hypermedia APIs, and would do it this way if were to get around to it. But you lose 
the Django template engine, because the entire front-end becomes a client of this API (and would likely be written in 
JavaScript). You could make the front-end be HTML-only but still a client of the API, of course, by making it 
server-side.


* user accounting/quotas/scheduling
    - need a (better) way to allow for scans to be scheduled
    - user billing
    - user quotas to limit amount of scans per time period


I'm sure Fyodor has more thoughts on this, and of course I bet you have some of your own ideas to mention in the GSoC 
application.


Good luck!



[1]: http://vagrantup.com/

--
@


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


  By Date           By Thread  

Current thread:
  • Re: Student interested in Gsoc (Nmap Cloud Scanning Platform) alexandru (Apr 03)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]