Re: SoC ideas about nping

[GuangLiang Yang <gygl09 () gmail com>]

Thank you, Luis. I have read "Nping echo protocol". The protocol is a
very good start.

And I have two questions.
1. Which way should the keys distrubution be runing in? If we just
make designs simple, entering keys by keyboard both in client and
server maybe fine. But if conditions is complicated, it's better to
use TTP(Trusted Third Partner). The TTP can be build in a smple way,
just with functions of registing, generating keys etc.

2. And it's better to add one optional byte to QUIT packets header,
which can identify the type of error. Because the QUIT operation is
not just used in two conditions described in "2.11 Operation QUIT", it
will make everything more clearly.

On 3/23/10, Luis M. <luis.mgarc () gmail com> wrote:
> Hi Yang,
>
> There is already a draft proposal for the protocol you mention. However,
> the protocol design is in a very early stage, mainly because the
> requirements for the echo mode itself are not yet very well defined.

Indeed, I'm a little confused with the goal "Nping Developer" should
achieve. And I recall that you have mentioned "adding nping into nmap
and something in you mind~~~" in "GSoC idae list". I think it's a very
good idea, which can make nmap better and stronger. But maybe we need
assess the workload at first.

> Brandon and I were kind of designing the authentication mechanism last
> year but maybe it is too risky to define our own auth scheme and we
> should go for something more standarized.
>
> If you want to have a look at the draft, check out the latest SVN copy
> and access nmap/nping/nping-priv/protocolDefinition.txt.
>
> Regards,
>
>
> Luis MartinGarcia.


Regards,

Yang.
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/