Nmap Development mailing list archives
Re: nano probe vs NMap: quick questions
From: "Littlefield, Tyler" <tyler () tysdomain com>
Date: Mon, 05 May 2014 10:15:26 -0400
On 5/5/2014 7:24 AM, Michael Pattrick wrote:
Hadn't heard about "nanoprobes" until now, went to Gibson's website with the honest intention of learning. And my god that is some indecipherable technobable.
No joke. So ignoring the GRC side of things. There are various online port scanners both based on Nmap and a variety of other tools, a simple web search finds them pretty fast. Nmap XML output, when paired with a stylesheet, looks reasonably presentable to a wide audience. That said, this type of home IP port scan was far more relevant when everyone was connecting their windows 95 box directly to their cable modem. Nowadays dlink routers block out this type of scan and give users a false sense of security. That's pretty much what I was thinking, not to mention most wouldn't have access to update their router or care if we told them UPNP was enabled and should be disabled, for example. I guess this probably isn't worth much, I just thought there could be some use in using NMap and other systems to help educate the public, but I wasn't sure what could be shown and whether or not it could be useful. Basically I wanted to take the snake oil sales out of GRC and provide something useful. Alternatively though, this would have to be widely published and people would have to care enough to check it out, which is why I wanted to put usability pretty high. -M On Mon, May 5, 2014 12:46 am, Littlefield, Tyler wrote:
Hello all: I've long since came to the conclusion that Gibson is totally nuts and etc, but I've recently seen some comparisons to NanoProbe vs NMap, so i had a couple of questions. I've not used this--I was actually looking at it and just stopped reading after his jabber about this all being written in asm, but I think he does make one valid point under all the garbage: Being able to show end-users their vulnorabilities could be incredibly interesting and might, perhaps help with educating folks about internet security. Obviously hosting this on a remote server and having NMap run on any target could be exploited, but what are the chances of say using a cut-down form of NMap or something to allow a user to test his/her issues? Basically, I'm asking if somehow NMap and similar technologies could be somehow employed to help disclose vulnorabilities and help educate end-users. I think internet security is a pretty vast field and for those who don't really want to learn a lot, it can be hard to educate people. But I believe the majority of people would really be concerned and want to learn more. What sorts of projects exist currently to help do what I'm talking about? If there's nothing, any ideas on how something like this could be presented? Thanks, -- Take care, Ty http://tds-solutions.net He that will not reason is a bigot; he that cannot reason is a fool; he that dares not reason is a slave. _______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
-- Take care, Ty http://tds-solutions.net He that will not reason is a bigot; he that cannot reason is a fool; he that dares not reason is a slave. _______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- nano probe vs NMap: quick questions Littlefield, Tyler (May 04)
- Re: nano probe vs NMap: quick questions Michael Pattrick (May 05)
- Re: nano probe vs NMap: quick questions Littlefield, Tyler (May 05)
- Re: nano probe vs NMap: quick questions Michael Pattrick (May 05)