Nmap Development mailing list archives
Re: Generating Graphical Diagrams/Maps from Nmap output
From: magnus () linuxtag org (Nils Magnus)
Date: Fri, 26 May 2006 15:30:29 +0200
Re, On Thu, May 25, 2006 at 04:17:58PM +0200, Diman Todorov wrote:
Once again, regardless of the purpose, this subject is less a question of graphing than to have proper data structures. Most networks I work with and which I scan are pretty easy in terms of their graph structure.May I point out that a graph is a data structure.
Yes, a graph is usually a tuple of sets of edges and vertexes, which can be annotated under circumstances.
It is also a data structure which is well suit for representation of computer networks.
While this may be true in a very general environment, I object it is suitable in our situation.
Nils, if I am understanding you correctly you want to have edges which represent sub nets. These edges would have the property to provide a connection from any host in the sub net to any other host in the sub net.
No, definitely not. In fact that's the main issue, I tried to point out. It is very dangerous to connect hosts to other hosts in data structures. Actually, what we need is a data model which has more "vertexes" than just hosts: First, there are hosts. Unfortunately, hosts have usually (from nmap's point of view) no easy identifier. Note that IP or MAC addresses are no suitable identifiers as they are not necessarily unique and well defined for a given system (such as a router which has at least two of each). A host hassome properties such as the operating system (there may be others). A host has a number of interfaces. Each interface can be identified with a MAC and/or an IP address as attributes. I suggest that interfaces are also entities. Most of the acquired nmap data should be associated to interfaces rather than to hosts (like ports, port stati etc.). An interface is connected to a subnet entity. The main property of the subnet is its network address and its netmask. So in fact there are three types of entities (or classes if you're talking about OO): hosts, interfaces, and subnets. In this model, edges don't need to be annotated. While this data model seems to be slightly bloated at first sight, it is able to model several situations that cannot easily modelled with the host/network-edge/host model: Multihomed servers, routers etc.
In terms of graph theory this would be a hyper graph. Hyper graphs are well researched by database theory people. The main reason not to use hyper graphs for anything automated is that many problems which can be solved in polynomial time if your graph only has binary edges become NP hard if your edges have more than 2 peers.
Again: I don't see much need of calculating complex algorithms on this data structures. The main objective is probably to display them (which is hard enough if done automatically). If you do some calculations, most of them involve their immediate neighborhood, so complex and troblesome search algorithms are usually not necessary. What kind of relationsship of two arbitrary hosts would you like to compute as the results of your scan? Regards, Nils Magnus Program-Chair LinuxTag 2006 Free Conference Program LinuxTag 2006: Where .com meets .org - magnus () linuxtag org _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev
Current thread:
- Generating Graphical Diagrams/Maps from Nmap output Fyodor (May 19)
- Re: Generating Graphical Diagrams/Maps from Nmap output Thierry Zoller (May 20)
- Re: Generating Graphical Diagrams/Maps from Nmap output Nils Magnus (May 21)
- Message not available
- Re: Generating Graphical Diagrams/Maps from Nmap output Nils Magnus (May 21)
- RE: Generating Graphical Diagrams/Maps from Nmap output Sina Bahram (May 23)
- Re: Generating Graphical Diagrams/Maps from Nmap output Nils Magnus (May 25)
- Re: Generating Graphical Diagrams/Maps from Nmap output Diman Todorov (May 25)
- Re: Generating Graphical Diagrams/Maps from Nmap output Nils Magnus (May 26)
- Re: Generating Graphical Diagrams/Maps from Nmap output Diman Todorov (May 26)
- Message not available
- <Possible follow-ups>
- RE: Generating Graphical Diagrams/Maps from Nmap output Sina Bahram (May 21)