Nmap Development mailing list archives
GSOC 2017 related info.
From: ibrar arshad <ibrararshad80 () gmail com>
Date: Thu, 23 Mar 2017 19:12:01 +0500
Hello dev-team, I am interested in working on improving nping during Google Summer of Code 2017. I have ~3 years of experiencing of working on developing distributed systems and virtual network functions and now I am pursuing a masters degree from Technical University of Munich. I just want to get guidance about my proposal from the dev team. First of all there is the matter of the dev branch(http://seclists.org/nma p-dev/2012/q4/276) which contains several enhancements/fixes. The latest change to that was made in 2013 and I believe the branch hasn't been merged in to the trunk yet. Has it been? I plan to start merging patches from that into trunk one by one and removing conflicts along the way and add tests for the change-set introduced in every patch. Any alternatives or suggestions here? After merging the topic branch into the main branch, I will proceed further to reproducing and fixing bugs on top of that. I was looking at the currently open bug-list(https://github.com/nmap/nmap/labels/Nping) and have shortlisted a few without any associated code or plan-to-fix yet: - 180 <https://github.com/nmap/nmap/issues/180> (replace gettimeofday() calls with alternative monotonic timestamp calls): - gettimeofday is prone to skewness by NTP syncs so instead, system's own monotonic clock should be used to generate timestamps for comparison where needed. Finding a portable way of generating monotonic timestamps across platforms is the only major challenge. Some implementations have already been mentioned in the ticket? Further suggestions on how to go about it? - 729 <https://github.com/nmap/nmap/issues/729>(Nping: Handle sending IPv6 on Windows without manually setting addresses). Two issues here: - Don't try sending raw packets on windows systems and enforce sending of ethernet packets by default on a windows system. Can be done fairly easily by examining the code around the routine/s that generate the packets. - When using --send-eth, don't ask for v6 addresses and mac addresses. Rather, derive these from existing functions and helpers.(again needs digging into the code) - 458 <https://github.com/nmap/nmap/issues/458> (traceroute mode for nping) - I think this can be done by examining response icmp packets. I think maybe the use-case needs to be refined here a bit? Any suggestions? - 361 <https://github.com/nmap/nmap/issues/361>(nping should show latency distribution) - Perhaps per probe stats can be maintained and visualized using something like gnuplot <http://www.gnuplot.info/>? - 360 <https://github.com/nmap/nmap/issues/360>(Unrealistic Min RTT (with --rate)) - The root cause analysis has been provided in the ticket. Code needs to be probed for a solution. - 278 <https://github.com/nmap/nmap/issues/278>(Audit/change use of unsafe str* and *printf functions) - Required replacing unsafe string functions with safer ones. A few that need replacing are mentioned in the ticket. Code needs to be probed for further non-safe usages. - 125 <https://github.com/nmap/nmap/issues/125>(fix TODO and FIXMEs) - A quick grep into latest code revealed around 32 of TODOs and 8 FIXMEs. Needs delving into the code to fix. I have listed an overall approach towards merging the code from the topic branch and fixing these and other bugs that may arise. I'd request for feedback around this rough proposal in order to improve it. Should I dig in deeper and figure the code details in order to make a convincing proposal? Should I include the details for every bugfix or improvement I intend to make to the tool? Also there is a todo list for nping related tasks( https://svn.nmap.org/nmap/todo/nping.txt), can somebody confirm if its up to date and if the tasks marked done are part of the main branch? Also, are these still valid after the code changes available in the topic branch? Thanks. -- Ibrar Arshad
_______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- GSOC 2017 related info. ibrar arshad (Mar 23)
- Re: GSOC 2017 related info. Luis MartinGarcia (Mar 23)