Re: Some work for a beginner

[Alok Upadhyay <alok0412 () gmail com>]

Thanks for that warm welcome David! But I have been scouring through
the source only to end up taking a lot of time understanding the
system altogether. Doesn't this project have any graphical tools like
UML diagrams, Architecture diagrams etc. which can greatly reduce the
getting-to-know-time, in my case particularly.
Or if not, can you please suggest me some way of better understanding
the different parts of the source.

Thanks,
Alok

On Mon, Feb 6, 2012 at 1:20 PM, David Fifield <david () bamsoftware com> wrote:
> On Mon, Feb 06, 2012 at 12:33:39PM +0530, Alok Upadhyay wrote:
> > Hi There,
> >
> >
> > I am a new to the nmap-dev list and also to the world of open source
> > development. I am really interested in working under the nmap's hood.
> >
> > I was looking for some easy headway into the development side by
> > trying to solve a bug etc., but wasn't quite able to figure out stuff.
> > I am good in programming using Java, Python and C. And I have some
> > experience in socket programming as well.
>
> Something helpful to me personally would be to add new checks to
> sv-tidy.py, the script that checks for errors in the nmap-service-probes
> database. it may seem like a small thing but it has already found tons
> of bugs.
>
> There are some notes about sv-tidy.py in
> https://svn.nmap.org/nmap/todo/nmap.txt, but here's a more up-to-date
> list of what I need:
>
> * Add a mode where it prints out all the d// device types. I want to
>  pipe this through "sort | uniq -c" to easily check for typos.
> * Add a CPE parser, and make sure that cpe:// fields are proper CPE
>  URLs. This mainly means checking that the first component is "a", "h",
>  or "o". There is some information about CPE here:
>  http://nmap.org/book/output-formats-cpe.html.
> * Check for human language names that aren't reflected in the CPE, and
>  vice versa. For example, i/French/ without cpe:/...:fr/ or vice versa.
>  You only need to look at the i// and cpe:// fields for this.
> * Check that substituted variables are used in the appropriate place in
>  CPE. If we have h/$1/ and cpe:/a:apache:http_server:$1/, it's a bug,
>  because there's no reason for a host name to appear in the version
>  part of a CPE URL.
> * Similarly, warn if e.g. v/$1/ is present but $1 is not used in any
>  CPE.
>
> If you want to try these, please send a patch for each small piece that
> you do. A big patch doing all the above would be too much, and anyway
> some of the above might cause you to want to consult with me on design.
>
> David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/