Nmap Development mailing list archives
Sonar project
From: red0x <red0x () users sourceforge net>
Date: Fri, 05 Dec 2003 22:54:39 -0800
Hello all, I am working on a project called "sonar." Its a subproject of the Automated Security Tools project on sourceforge (http://autosec.sf.net or http://sf.net/projects/autosec). Someone asked me to send an email describing the who's, what's, and where's of sonar. First of all, what is sonar? Have you ever heard of nmap (http://insecure.org, fyodor's genius port scanner). Sonar aims to be a pluggable "clone" of nmap. As of right now, I have a working plugin API, with support for input plugins, output plugins, and network plugins. Sonar is entirely driven by these plugins. No network communication is handled in the actually sonar binary itself. The sonar binary handles the common options that any plugin might ask for (whether to fork, verbosity, randomness, timing options, which plugins to load, etc.) while I have a pretty lame way of passing options to the plugins (explained later in the todo section). Input plugins handle getting ip-address for sonar to scan, and output plugins handle the log. by default, sonar uses no input/output plugins (although it comes with a few), instead getting its input on the command line, and outputting to stdout (like nmap, of course). The network plugins handle the scans themselves. they are executing in sequential order, and can be looped as many times as you want via command line options. Who created sonar? well, I did. At first, some of the code was borrowed from early versions of nmap and xine (yes, the movie player). However, I have long since re-written it to be (mostly) original. It is/was written mainly for automated (penetration, connectivity, you name it) testing of remote hosts. You can have sonar execute a command if a remote host is online (I know this could be a security hole, but since sonar does not listen on any remote interface, it should be OK(tm)). Sonar can be download from the sourceforge project page, at this link: http://sourceforge.net/project/showfiles.php?group_id=51027 My latest list of things ToDo on sonar (not in any obvious order): 1. Passing options to the plugins in done in a crappy way, it needs fixing. 2. Test/debug the input plugins, they are behaving strangely. 3. Daemon mode closes the output plugins file descriptors (I have since commented the line of code that does this, but it would be nice to have a work-around). 4. Implement some file-locking stuff while checking permissions. 5. All sorts of error/signal handling code needs fixing/writing, and my plugins (and the sonar engine) don't do anything productive with error reporting. 6. Logging to syslog in daemon mode when trying to print a floating point number hangs, which is quite odd.... (I commented that line too). Thank you for your time. You can reach me at irc.freenode.net #autosec, or email me here any time. Keep your eye out for 1.2.1 in a few days. CVS is more stable than 1.2.0 at the moment. ;) red0x --------------------------------------------------------------------- For help using this (nmap-dev) mailing list, send a blank email to nmap-dev-help () insecure org . List archive: http://seclists.org
Current thread:
- Sonar project red0x (Dec 05)