Re: Status Report #3 of 17

[Fyodor <fyodor () insecure org>]

On Mon, May 11, 2009 at 10:30:38PM +0000, Brandon Enright wrote:
> I chatted with Fyodor about this.  Obviously I described the echo
> server in broad, rather magical terms.  I'm working on mocking up some
> ideas and better defining the scope of what I think is reasonable and
> useful to support.

Great, we're looking forward to your thoughts!

> I'm going to work off of the Hping2 style output for now.  I'd be
> interested in seeing a mock-up from you on what you think the Nping
> output should look like.  I think many improvements can be made over
> Hping2.

We will probably try to make the output as similar as possible to what
Nmap outputs with the likes of --packet-trace.  E.g. like:

SENT (0.1780s) TCP 192.168.0.100:39185 > 64.13.134.52:80 A ttl=47 id=26851 iplen=40  seq=1259617669 win=4096 
ack=2755610876 
SENT (0.1780s) ICMP 192.168.0.100 > 64.13.134.52 echo request (type=8/code=0) ttl=52 id=32206 iplen=28 
RCVD (0.1880s) TCP 64.13.134.52:80 > 192.168.0.100:39185 R ttl=53 id=0 iplen=40  seq=2755610876 win=0 

The idea is for Nmap and Nping to use mostly the same code for this.
So if changes are desired to the output, we should change them for
both.

Nping might have some special columns for timing or sequence
information or the like.  So you may be able to take some good
inspiration from hping (or normal ping) and other applications.  But
for the "meat" of the results, I'd like to share the code between Nmap
and Nping.

Cheers,
-F

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org