gsoc --top-ports

["Daniel Agar" <daniel () agar ca>]

I'm applying for the Feature Creeper/Bug wrangler Gsoc 2008 position, and
based on the comments I've received (thanks David Fifield) and I'd like to
get a better idea of what the community would like for --top-ports feature
and the required extensive empirical testing.

First of all, who should be scanned? I suppose you want a wide range of
different types of hosts. I was thinking about things like scanning
everyone in a large IRC channel, or trace route to a website and scan
every hop in between. The biggest problem I see is getting a good sample
of data from inside small home networks, the ports most
applicable/interesting to the average home user that might use nmap
occasionally.

How are services running on non standard ports to be treated? Should this
just be a simple port scan. Then --top-ports considers only the
distribution of ports in use, or should there be more information included
from a service scan (eg 23% of hosts scanned with port 222/tcp open are
using it for ssh).

I'd really like to be as detailed (and realistic) as possible in my
application.

On an unrelated note, was the Nmap Hosted Scanner ever completed? I came
across this http://nmap.org/SoC/HostedScan.html during some soc related
googling. Was this ever finished, and if not is there any interest in this
still? It sounds like a fun project.

Thanks

Daniel Agar


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org