Nmap Development mailing list archives

Re: nmap PostgreSQL patch


From: Fyodor <fyodor () insecure org>
Date: Sun, 7 Jul 2002 18:38:30 -0700

On Sun, Jun 30, 2002 at 10:24:32PM +0100, Bradley Kite wrote:
> Hi there.
>
> I've just finished writing a patch to nmap so that it logs to
> a PostgreSQL database.

Nice.  I just read through it.  The patch even has "bonus features"
like port banner checking :).  I am sure many people will find it
useful.  Postgres is my preferred DB as well.

Have you considered parsing Nmap XML output rather than hooking into a
parallel set of Nmap output routines?  This has several advantages:

o It would work with new versions of Nmap without having to modify
  your patch to adjust for any internal Nmap changes.  No need to even
  apply your patch -- you could just use the Nmap version which comes
  with your OS or use the FreeBSD ports collection, Debian package
  system, Redhat RPMs, sunfreeware.com, etc.

o It avoids bloating the Nmap codebase.  If I were to add Postgres
  output, MySQL, Oracle, HTML, LDAP, etc to the main tree, Nmap would
  become quite unwieldy and brittle.  On the other hand, if these
  output plugins interface with Nmap XML, I can mess with Nmap
  internals all I want without breaking them.

Someday I would like to have a general Nmap DB output driver, so I
could just run something like:

nmap -sS -O -oX - targetnet/16 | nmapdb --postgress nmap@dbhost

One issue is that many (all?) XML parsers seem to require a complete
document before they start returning parsed tags.  This would make
things difficult for the many apps which would want to process new
<host> tags (or even <port> tags) as they appear.  For example, a
graphical Nmap GUI (or the Nessus daemon) would not want to wait for
Nmap to finish running before processing any results.  Does anyone on
the list know of a good way to handle this?  I am not any sort of XML
expert.  Perhaps some parsers can deal with incremental XML?  Or
perhaps Nmap should spit out a new complete XML document for each host
and just concatenate them all together?

Cheers,
Fyodor
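
Incremental parsing of the kind asked about in the message above, as an added example that is not part of the original post or of Nmap: Python's `xml.etree.ElementTree.XMLPullParser` hands back each `<host>` as soon as its closing tag arrives, before the document ends. The sample XML is constructed, `iter_hosts`, `store` and `first_host_before_eof` are hypothetical names, and SQLite stands in for PostgreSQL so the block runs offline.

```python
import sqlite3
import xml.etree.ElementTree as ET

# Constructed sample shaped like Nmap -oX output (not captured from a real scan).
SAMPLE = (
    '<?xml version="1.0"?>\n<nmaprun scanner="nmap">\n'
    '<host><address addr="192.0.2.10" addrtype="ipv4"/><ports>'
    '<port protocol="tcp" portid="22"><state state="open"/><service name="ssh"/></port>'
    '<port protocol="tcp" portid="80"><state state="closed"/></port></ports></host>\n'
    '<host><address addr="192.0.2.11" addrtype="ipv4"/><ports><port protocol="tcp" '
    'portid="5432"><state state="open"/><service name="postgresql"/></port>'
    '</ports></host>\n</nmaprun>\n'
)

def iter_hosts(chunks):
    """Yield (addr, [(proto, port, state, service)]) as each </host> arrives."""
    parser = ET.XMLPullParser(events=("end",))
    for chunk in chunks:                      # chunks may split tags anywhere
        parser.feed(chunk)
        for _event, elem in parser.read_events():
            if elem.tag != "host":
                continue
            addr = elem.find("address").get("addr")  # sample hosts always carry one
            ports = []
            for p in elem.iter("port"):
                state, svc = p.find("state"), p.find("service")
                ports.append((p.get("protocol"), int(p.get("portid")),
                              state.get("state") if state is not None else "unknown",
                              svc.get("name") if svc is not None else None))
            elem.clear()  # drop the finished host's children to keep memory small
            yield addr, ports

def store(db, chunks):
    """Insert each host's ports as soon as the host is complete; return row count."""
    db.execute("CREATE TABLE IF NOT EXISTS ports "
               "(addr TEXT, proto TEXT, port INTEGER, state TEXT, service TEXT)")
    rows = 0
    for addr, ports in iter_hosts(chunks):
        # Parameterized insert: service names and banners are untrusted scan data.
        db.executemany("INSERT INTO ports VALUES (?, ?, ?, ?, ?)",
                       [(addr, *p) for p in ports])
        db.commit()
        rows += len(ports)
    return rows

def first_host_before_eof():
    """Feed only up to the first </host>; the document is still unfinished."""
    cut = SAMPLE.index("</host>") + len("</host>")
    return next(iter_hosts([SAMPLE[:cut]]))[0]
```

For a live scan, `chunks` would be reads from the pipe carrying `-oX -` output, for example `iter(lambda: sys.stdin.read(4096), "")`.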
