Nmap GSoC 2011 Success Report

[Fyodor <fyodor () insecure org>]

Hi Folks.  I'm happy to report that our 7th Google Summer of Code
(2011) was a great success!  We had 7 students, and they all passed!
They wrote copious amounts of good code too, and pretty much all of it
is now integrated in today's release of Nmap 5.61TEST5
(http://seclists.org/nmap-hackers/2012/0).  I'd like to give a big
shout out to these folks for doing such a wonderful job!  Let's look
at their accomplishments individually:

*Colin Rice* was a free range fixer and bug hunter, resolving issues
all over the Nmap codebase.  He made fixes to Nmap, Ncat, Nping, and
Zenmap.  He also made some IPv6 improvements, including making the
--exclude and --excludefile options suppport IPv6 netmasks.

*Djalal Harouni* has been a long-time Nmap contributor and did a super
job in his second Nmap SoC.  His focus was on Nmap NSE
(http://nmap.org/book/nse.html), with a particular emphasis on
vulnerability detection scripts.  Not only did he write many of those,
he created a whole new framework for vulnerability detection in Nmap
(the vulns library).

*Gorjan Petrovski* was focused on NSE script writing and he did that
with aplomb.  He wrote 10 scripts, including IP geolocation,
bittorrent discovery, and Link Layer Topology Discovery scripts.  He
also wrote mac-geolocation which would query Google for the exact
street address of wireless access points worldwide based on their MAC
(BSSID) address.  Apparently Google wasn't comfortable with giving out
this much information, and they disable the service.

*Luis MartinGarcia* came back as a third time Nmap SoC student and
performed some phenomenal work.  He spent the whole summer working
with David on IPv6 OS detection, and you now see the results with a
command like "nmap -6 -O scanme.nmap.org".  The new system is even
more advanced than our IPv4 system (it uses machine learning rather
than our hand-edited IPv4 fingerprints) and it benefits from the
extensive empirical research Luis did to discover which IPv6 protocol
tests are valuable and which ones are a waste of time to implement.

*Paulino Calderon* was our third NSE guy, and his focus was on Nmap's
web scanning capability.  The Internet coninues to grow more and more
web-centric, and Nmap needs to shift with it.  Paulino wrote 12
scripts, including some clever ones for web application firewall
detection, querying Google's malware/phishing DBs, and auditing
Wordpress blogs.  He also added many hundreds of signatures to our
HTTP enumeration scripts for finding common web applications.
Finally, he wrote a proof of concept for our current HTTP
crawling/spidering system.

*Shinnok* was our second overall feature creeper and bug hunter.  Here
are some of his top improvements from the summer:

 o Created a protable version of ncat.exe that you can just drop onto
   an MS Windows system without having to run any installer or copy
   extra library files.  See http://nmap.org/ncat/.

 o Nmap now defers options parsing until it has read through all the
   command line arguments.  This removes the few remaining cases where
   option order mattered (for example, IPv6 users previously had to
   specify -6 before -S).

 o Ncat no longer blocks while an ssl handshake is taking place or
   waiting to complete.  This could make listening Ncat instances
   unavailable to other clients because one client was taking too long
   to complete the SSL handshake.  Our public Ncat chat server is now
   much more reliable (connect with: ncat --ssl -v chat.nmap.org).

*Xu Weilin* focused on IPv6 with David this summer, with a particular
emphasis on advanced IPv6 host discovery.  I actually had no idea that
a printer on my network was listening on IPv6 until I found it using
one of his discovery techniques.  To find and list the IPv6 systems on
your local network, try this command with Nmap 5.61TEST5:

 nmap -v -n -sn --script targets-ipv6-\*

In addition to my shout out to the students, I'd like to thank my
fellow mentors David Fifield and Patrick Donnelly for supporting these
efforts and always being there to help.

Needless to say, we have applied again to participate in GSoC!  We've
done it every year since Google started the program in 2005, and it
has brought us a ton of great features and (even more importantly)
developers.  Many of Nmap's current top contributors started out as
SoC students.  Last year, all of our mentors except myself were former
SoC students.

Cheers,
Fyodor

PS: For those who are interested, here are our previous success (pass)
    rates and wrap-up reports:

2010 (8/8 - 100%!): http://seclists.org/nmap-dev/2011/q1/708
2009 (6/6 - 100%!): http://seclists.org/nmap-dev/2009/q4/148
2008 (6/7 - 86%): http://google-opensource.blogspot.com/2008/11/nmaps-fourth-gsoc-success-stories-and.html
2007 (5/6 - 83%): http://seclists.org/nmap-dev/2007/q4/24
2006 (8/10 - 80%): http://seclists.org/nmap-dev/2007/q1/235
2005 (7/10 - 70%): http://slashdot.org/comments.pl?sid=183143&cid=15133184

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/