Re: Generating Graphical Diagrams/Maps from Nmap output

[magnus () linuxtag org (Nils Magnus)]

Re,

On Fri, May 19, 2006 at 07:31:56PM -0700, Fyodor wrote:

> If you have any interest in such a tool, now is a good chance to pipe
> in with features you would like to see, implementation ideas, etc.

My greatest concern is the display of network structures. I have seen
many tools that just draw nodes (routers or leaf systems) and edges
between them. Cheops is such a tool. Especially in firewall and trickier
router situations this is not enough.

At least to me it is of high importance that the subnet structure of a
network is rendered. Think of scanning a C-class type network you don't
know in the first place 192.168.66.0/24. Assume the .0, .127, .128,
.191, .192, and .255 returning multiple responses, so the experienced
watcher of nmap-TV immediately suspects that there are in fact three
subnets 192.168.66.0/25, 192.168.66.128/26, and 192.168.192/26 (and
proves that by issuing manual traceroute-probes). Assume further that
there are active hosts .50, .100, .150, and .200. The last hop (the
interface to our direction) has the IP 10.10.10.10.

Unfortunately, most tools will draw something like that:

                         +-------------+
                         | 10.10.10.10 |
                         +-------------+
                        /     |    |    \
              192.168.66.50  .100  .150  .200

which is not the whole truth. I'd like to see a picture like

                                  |
                         +---10.10.10.10---+
                         |                 |
                         +-|-------|-----|-+
                         .1|   .129|     |.193
 192.168.66.0/25 |------------|    |  |-------------| 192.168.66.192/26
                 .50|  .100|       |        | .200
                    X      X       |        X
                                   |
          192.168.66.128/26 |--------|
                               |.150
                               X

I hope you get the idea. Unfortunately it is not always (easily, from a
single source) possible to deduce if there is actually a smaller subnet
in all cases. However, I'd like to see the option included to be able to
display such graphs once this information is available.

This means storing information about IPs and their connection is not
sufficent, the subnet (identified by it's mask) has to be taken into
account as well.

I just pointed that out in this stage of the development since I think
that later changes are very difficult.

HTH,

Regards,

Nils Magnus
Program-Chair LinuxTag 2006 Free Conference Program

LinuxTag 2006: Where .com meets .org - magnus () linuxtag org


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev