Nmap Development mailing list archives
Re: GSoC : CPE , SCTP ,Update feed
From: David Fifield <david () bamsoftware com>
Date: Thu, 31 Mar 2011 22:46:28 -0700
On Tue, Mar 29, 2011 at 04:40:36PM +0530, ambarisha b wrote:
Since the student application period for GSoC has started, I thought I better start with the real proposal.
Hi Ambarisha. It's nice to see that you are applying for the Summer of Code. You've made a good impression with your patches and mailing list participation.
I was hoping to work on features like conversion of nmap databases into CPE and more.I have written a draft and noted the inputs from: http://seclists.org/nmap-dev/2011/q1/989 Currently,I am working on what can be done with the fingerprint line to see if we can sensibly break it so as to be used later with some string matching algorithm. I also read about the update feed mechanism which ,I think, is a crucial feature.I have yet to study the update feed mechanisms of Metasploit vs OpenVAS.I will try to make a draft of advantages of each if needed.I will get back as soon as I have progress to report.
It looks like your proposal will be for Feature Creepers and Bug Wranglers. It's good to see that you are thinking about some of the harder issues.
One more idea I had in mind was adding SCTP support for NSE.But there was mention of some problems being reported about the SCTP functionality.First that has to be investigated.
I don't remember hearing of problems with SCTP in NSE? Can you remind me what they were?
There are a lot of other things that would be quite useful that are still pending in the todo like using SCTP also for service probing and for OS detection.One instance of the later is noted in the todo.So, I thought having SCTP functionality integrated more strongly into nmap would be a great idea.What is the priority on this? Is anybody already working on it?How would this scale up as a GSoC project for the summer ? Are there any points specific to these ideas that I need to address in the proposal?
I don't think anyone is working on these. SCTP version detection is a good idea and I think it could be done without very much effort. OS detection is more difficult, and your proposal should describe how you will invent new probes and tests, and measure their effectiveness. "ncat --sctp" is a good tool for setting up dummy servers for testing. David Fifield _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- GSoC : CPE , SCTP ,Update feed ambarisha b (Mar 29)
- Re: GSoC : CPE , SCTP ,Update feed David Fifield (Mar 31)