Nmap Development mailing list archives
Re: Nmap Fingerprint Submitter 2.0
From: Fyodor <fyodor () insecure org>
Date: Mon, 11 Jun 2007 02:24:04 -0700
On Sun, Jun 10, 2007 at 10:40:03PM -0700, doug () hcsw org wrote:
We can also take advantage of a smarter javascript based client to add some useful features that should both make it more convenient to submit to and produce better meta-fingerprint information. I think with a more intuitive interface we can squeeze even more information out of the collective knowledge and experience of the Nmap community through fingerprint submissions and still make the overall process faster/easier!
Hi Doug! I played with the new system some tinight and love it so far! This should definitely make submitting fingerprints easier, and produce more accurate data for us when we integrate them. Here are some notes I took while testing: o The "submit" button currently gives me a 404 error, so I wasn't able to test beyond playing with the form fields. o The number in parens in the OS classification section should probably be the total number of fingerprints matching the vendor/os family. Right now it is just the number of "child" choices. For example, "Linux" as the Vendor should probably say "(264)" rather than "(1)" as it says now. o I like the stats line up top :) o Your script demonstrates the need to canonicalize the OS types, etc. I see things like: Windows (697) windows (1) print server (57) Print Server (1) broadband router (58) broadband-router (2) I added an item for this in the Nmap TODO. o The "Enter your name and e-mail address" field should probably give an example of the format people should use. E.g. "Fydoor <fyodor () insecure org>". The exact format people use may not matter much, but an example keeps people from wondering whether the format they use is OK. o At least for OS detection (might be useful for version too), I'd like to see a question like "How do you know the system is running this OS?". It could be a choosebox with answers like: = I'm just guessing! = System owner told me what was running = I own or administrate the system and am certain of the OS = Other o I'd like to be able to ask more questions based on what they choose for the "OS Name" field. For example, if they choose Windows I'd like to add a field for winver results. And if they specified Linux, I'd like to ask for uname -a and the distribution name and version. I'd like the uname -a results for other UNIX systems as well. All of the questions would be single-line form fields, so maybe that limitation would help in adding a generic system for doing this. o For the version fingerprint submissions system, you might find it useful to have a checkbox in the OS section which says something like "This application is _not_ supported on other operating systems" than the one they specified. If this is checked (and the user is correct), the generated signature can be augmented with the OS line. o One the bottom of the page you can note that problems/bug reports should be sent to nmap-dev () insecure org . o I like the "service name" interface for version detection submissions :). Good work, I'm looking forward to getting this set up on Insecure! It definitely beats the "mail your corrections to Fyodor" instructions up there now! Cheers, Fyodor _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- Nmap Fingerprint Submitter 2.0 doug (Jun 10)
- Re: Nmap Fingerprint Submitter 2.0 Fyodor (Jun 11)
- Re: Nmap Fingerprint Submitter 2.0 doug (Jun 15)
- Re: Nmap Fingerprint Submitter 2.0 Fyodor (Jun 11)