Nmap Development mailing list archives
Re: Hakin9's new Nmap Guide
From: Fyodor <fyodor () insecure org>
Date: Fri, 28 Sep 2012 13:05:25 -0700
On Thu, Aug 23, 2012 at 05:50:31PM +0200, Luis MartinGarcia. wrote:
Just a FYI. The Hakin9 magazine publishes an Nmap guide this month. I haven't read it, since it's only available to paid subscribers but I had the opportunity to have a look at two of the articles via the reviewers mailing list and, to be honest, they were a bit disappointing
Hahahaha, I just saw the guide. The best article is the first one, which Hakin9 apparently published without even reading. And they told me I could post it as a sample of their work. Here it is: http://nmap.org/misc/hakin9-nmap-ebook-ch1.pdf The article is by some well-known researchers: Jon Oberheide, Nico Waisman, Matthieu Suiche, Chris Valasek, Yarochkin Fyodor, the Grugq and Jonathan Brossard, Mark Dowd Maybe they were sick of Hakin9's constant please-write-an-unpaid-article-for-us spam and decided to submit some well-crafted gibberish in response. Even the paper title is ridiculous: Nmap: The Internet Considered Harmful - DARPA Inference Cheking Kludge Scanning They clearly chose that title so just so they could refer to it as DICKS throughout the paper. There is even an ASCII penis in the "sample output" section, but apparently none of this raised any flags from Hakin9's "review board". Plus it is full of text like: "Our experiments soon proved that exokernelizing our fuzzy Knesis keyboards was more effective than making autonomous them, as previous work suggested. Our experiments soon proved that microkernelizing our PDP 11s was more effective than exokernelizing them, as previous work suggested. We note that other researchers have tried and failed to enable this functionality." "NMAP requires root access in order to allow B-trees." "First, cyberneticists added 10 GB/s of Internet access to our network. Further, we removed a 7TB USB key from our highly- available cluster to consider our Xbox network. Furthermore, we reduced the effective tape drive throughput of our stochastic overlay network. Similarly, we tripled the effective floppy disk space of our Internet-2 overlay network." "Once the remote operating system has been identified, DICKS will trigger a remote pool overflow in the IP Stack of the kernel. A combination of ROP and pool heap spraying enables relatively good reliability." "While we know of no other studies on autonomous methodologies, several efforts have been made to analyze object-oriented languages. Similarly, Thomas and Raman suggested a scheme for refining autonomous theory, but did not fully realize the implications of digital-to-analog converters at the time [7, 12, 13]. Furthermore, we had our method in mind before Wilson published the recent seminal work on Lamport clocks. In general, NMAP outperformed all existing systems in this area [14-17]." The figures are great too, including one charting "the 10th-percentile latency of NMAP, as a function of popularity of IPv7". They cite 27 reverences, including seminal journal articles like "Towards the Synthesis of Vacuum Tubes" and "Decoupling 802.11 Mesh Networks From Hierarchical Databases in DNS". Bravo, Mark Dowd and crew, Bravo! Cheers, Fyodor PS: I think the authors used this "Automatic CS Paper Generator" as a starting point: http://pdos.csail.mit.edu/scigen/ _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Fwd: Nmap Guide and Burp Suite Automating Attacks - 2 new hakin9 issues Luis MartinGarcia. (Aug 23)
- Re: Hakin9's new Nmap Guide Fyodor (Sep 28)