Nmap Development mailing list archives
Nmap - Summer Project Idea
From: Everardo Padilla Saca <everardo.padilla.saca () gmail com>
Date: Sat, 15 Feb 2014 02:24:16 +0000
Hi all, I've been thinking on how I could make something useful for the Nmap community. I would appreciate your feedback on this idea. It's about a distributed Nmap network with a RESTful backend, where multiple Nmap clients are managed by a control server, who is managed by the final user(s) through a web browser. The control server would act as a bridge between the final user(s) and the network of Nmap clients. The control server should be able to observe the Nmap clients' status in a live fashion (connecting, disconnecting, scanning) and report back to the user(s) so they can choose between the clients that will participate in a scenario. The user(s) will be able to configure that scenario in such a way that each one of the chosen Nmap clients gets a chunk of the workload. The Nmap clients would report back to control server about their progress, so that the user(s) can observe that through their web browser. The configuration given to the clients and scenarios would be saved in a storage unit accessible by the control server, thus, by the final user(s) too. Past scenarios could be compared, replayed, edited, or deleted; and their results would reside in the storage unit for further reference. The following image shows a very simplified architecture of this: Image: http://i.imgur.com/r0ovDlD.png A prototype can be found here: https://github.com/epadillas/cnmap (needs a better name). This prototype consists of the client and server code. The client code listens to the control server for commands, executes Nmap scans, and reports back to the control server. The control server listens to the final user (who's using a web browser) and to the Nmap client(s). The server will relay any commands to the Nmap clients given by the user(s). For now, the prototype can only scan ports in a distributed fashion (instead of IP addresses for the sake of the demo) and report the results to the control server. These results are displayed to the final user who's connected to the control server via web browser. This is done using node.js and socket.io. The demo's repo has a link to a short silent video showing how this works. -Perhaps the web interface could use an HTML5 canvas to "draw" scan scenarios (maybe like Cisco's packet tracer?). -PKI could be used to authenticate clients, maybe a Web of Trust if several control servers are used. -Ndiff could be used to compare scans saved in the control server. -NSE scripts could be distributed to the clients from the control server. -The clients would tell the server which NSE scripts the currently have. -Report exporting capabilities. -??? At the moment, the best tool for distributed Nmap scanning is of course dnmap, it works great. Even though this project aims to distribute scanning too, a few extra things can be achieved, like the potential of turning into a web-based shared environment for pen-testers or auditors managing the same control server. If you all think this is a worthy/relevant idea it would be nice if it could be part of this year's GSoC. I would like to hear your opinions and feedback! A bit about myself: I'm a last year BSc in Computer Science student, about to start working for my Uni on researching methods for IPv6 address exploring with Raul Fuentes' work shown here http://seclists.org/nmap-dev/2013/q4/285 (currently working on those scripts' code). Regards, Everardo Padilla _______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Nmap - Summer Project Idea Everardo Padilla Saca (Feb 14)
- Re: Nmap - Summer Project Idea Fyodor (Feb 17)
- Re: Nmap - Summer Project Idea Everardo Padilla Saca (Feb 26)
- Re: Nmap - Summer Project Idea Fyodor (Feb 17)