Nmap Development mailing list archives

Re: New feature. ZenMap AS, IP ranges and DNS names.


From: Fyodor <fyodor () insecure org>
Date: Tue, 16 Nov 2010 19:36:33 -0800

On Fri, Nov 12, 2010 at 11:48:50PM +0100, Bruno G. San Alejo wrote:
      Hi, I was just wondering.... I'd like something like Maltego (but open
source) so that I can research AS, expand DNS names, get IP ranges and
have the graphical interface to correlate those. That would be useful to
pinpoint IP ranges and (n)map networks.

      I was thinking of just going for it since I'm unemployed right now
and need to get busy, but I was actually thinking in terms of an open
source Maltego.  I wonder if this would be an interesting thing to have
in Zenmap or ...

Hi Bruno.  Don't be discouraged by the lack of response on this list,
as it might just be a sign that few here use that particular
proprietary tool.  The Maltego page (http://www.paterva.com/web5/)
calls it "an open source intelligence and forensics application", but
they are describing the "intelligence" it uses as open source rather
than the application itself.

Anyway, Maltego seems to be about finding connections in large data
sources and visualizing them.  For example, maybe they have a domain
whois database on their server so you can connect a domain name with
others owned by the same people.  If we had a full map of the
connections on social networking sites like Facebook, I'm sure we
could mine some particularly fascinating information.  Maltego isn't
an easy application to wrap your head around (even when reading their
web pages), but I did see a presentation by Roelof years ago at
CanSecWest when he was developing the idea.

I don't think something as complex as Maltego belongs in Zenmap, but
parts of it might be useful there.  Also, Nmap NSE scripts could be
used to collect data which is then viewed with a standalone "open
source Maltego" tool.  I hope you pursue this, and please keep us
informed :).

You might also look at Palantir (http://www.palantirtech.com) for some
ideas on data analysis and visualization.  They're apparently very
good at it (but also proprietary).

Cheers,
Fyodor
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/

