Re: Google Summer of Code 2013 (Feature Creeper and Bug Wrangler)

[Usman Zaheer <usmanzaheer53 () gmail com>]

Hello,
        First of all, I am really sorry that I could not reply back for a
long time as I had to meet the deadlines for 3 of my course
projects/assignments. My semester ends at May 21. However, I have been
continuously following the Nmap-dev mailing list and trying to brainstorm
ideas and potential challenges for my proposal during this time.

Kindly note the following:

(1) Firstly, regarding the "Exploring port scanning from within NSE"
project, I need suggestions about whether we are going to implement modules
in lua only as part of NSE modules? Further, as it turned out from a couple
of discussions at the Nmap IRC channel, we can potentially add a
script_port_scan phase between NSE prerule and portscan phase. Currently, I
am thinking about how and what can we leverage from the functions already
performed in portscan phase. Any further suggestions?

(2) Secondly, I am interested in the following idea from Nmap TODO which
was also discussed in Nmap mentors meeting and according to Fyodor it's
quite challenging and he was skeptical about assigning it as GSoc project.

"Consider re-architecting Nmap to have more of a scanning pipeline

approach rather than fixed sets of hosts which start and finish one
phase and then move into the next in parallel.  This could potentially
allow us to add hosts one by one to a phase as other hosts finish that
phase and, ideally, the phases could run in parallel too."

Although it was not decided in the Nmap meeting about whether this
project can be divided into smaller chunks, I will be glad to atleast
start some work on this during the summer and then continue with
completing it afterwards. Any suggestions about what can be the
possible smaller chunks?

(3) Is it okay or too ambitious to aim for one of the following combinations:

(a) "Exploring port scanning from within NSE" + some part of the
project mentioned in (2).

(b) "Exploring port scanning from within NSE" + "XML parser for NSE"


(4) Finally, because the "Exploring port scanning from within NSE"
project has some exploration part associated with it, will it be best
to provide time line of my tasks in terms of features implemented. (an
alternative could be to mention what I will be exploring/coding
potentially at different points in time approximately).

Regards.

Usman Zaheer.



On Sat, Apr 20, 2013 at 10:08 PM, Usman Zaheer <usmanzaheer53 () gmail com>wrote:

> Note: I sent the following e-mail on 16th April as well, but I guess it
> got lost somewhere during the Nmap-dev downtime.
>
> Hello,
>         Usman Zaheer here from Lahore University of Management Sciences
> (LUMS), Pakistan (3rd Year Undergraduate CS).
>
> I have been looking at the Ideas page for the past few days and think that
> I will be most interested in the Feature Creeper/ Bug Wrangler Position
> because this will give me a broad overview of how Nmap code works as a
> complete system.
>
> I have strong skills in C/C++ and Python. Currently I am learning Lua and
> hope to get it done soon :).
>
> I think I can pick up stuff quickly because I have approx. one year of
> Research Experience under my belt where I had a really steep learning curve
> but still it worked out fine.
>
> Regarding the "Exploring port scanning from within NSE" idea, what are
> some baseline features that we are going to write modules for? Any
> suggestions?
>
> Moreover, how do the developers test the code patches for Nmap (best
> practices?) because this is a bit different from typical software apps.
>
> Further, I guess other ideas like XML parser listed on the Ideas page also
> fall into the feature creeper role, right?
>
> Also, any further resource that someone may want to point me to?
>
> Thanks in advance :)
> Regards.
_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/