Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

GSOC 2017 related info.

From: ibrar arshad <ibrararshad80 () gmail com>
Date: Thu, 23 Mar 2017 19:12:01 +0500
Hello dev-team,

I am interested in working on improving nping during Google Summer of Code
2017. I have ~3 years of experiencing of working on developing distributed
systems and virtual network functions and now I am pursuing a masters
degree from Technical University of Munich. I just want to get guidance
about my proposal from the dev team.

First of all there is the matter of the dev branch(http://seclists.org/nma
p-dev/2012/q4/276) which contains several enhancements/fixes. The latest
change to that was made in 2013 and I believe the branch hasn't been merged
in to the trunk yet. Has it been? I plan to start merging patches from that
into trunk one by one and removing conflicts along the way and add tests
for the change-set introduced in every patch. Any alternatives or
suggestions here?

After merging the topic branch into the main branch, I will proceed further
to reproducing and fixing bugs on top of that. I was looking at the
currently open bug-list(https://github.com/nmap/nmap/labels/Nping) and have
shortlisted a few without any associated code or plan-to-fix yet:

   - 180 <https://github.com/nmap/nmap/issues/180> (replace gettimeofday()
   calls with alternative monotonic timestamp calls):
   - gettimeofday is prone to skewness by NTP syncs so instead, system's
      own monotonic clock should be used to generate timestamps for comparison
      where needed. Finding a portable way of generating monotonic timestamps
      across platforms is the only major challenge. Some implementations have
      already been mentioned in the ticket? Further suggestions on how to go
      about it?
   - 729 <https://github.com/nmap/nmap/issues/729>(Nping: Handle sending
   IPv6 on Windows without manually setting addresses). Two issues here:
      - Don't try sending raw packets on windows systems and enforce
      sending of ethernet packets by default on a windows system. Can be done
      fairly easily by examining the code around the routine/s that
generate the
      packets.
      - When using --send-eth, don't ask for v6 addresses and mac
      addresses. Rather, derive these from existing functions and
helpers.(again
      needs digging into the code)
   - 458 <https://github.com/nmap/nmap/issues/458> (traceroute mode for
   nping)
   - I think this can be done by examining response icmp packets. I think
      maybe the use-case needs to be refined here a bit? Any suggestions?
   - 361 <https://github.com/nmap/nmap/issues/361>(nping should show
   latency distribution)
      - Perhaps per probe stats can be maintained and visualized using
      something like gnuplot <http://www.gnuplot.info/>?
   - 360 <https://github.com/nmap/nmap/issues/360>(Unrealistic Min RTT
   (with --rate))
      - The root cause analysis has been provided in the ticket. Code needs
      to be probed for a solution.
   - 278 <https://github.com/nmap/nmap/issues/278>(Audit/change use of
   unsafe str* and *printf functions)
      - Required replacing unsafe string functions with safer ones. A few
      that need replacing are mentioned in the ticket. Code needs to be probed
      for further non-safe usages.
   - 125 <https://github.com/nmap/nmap/issues/125>(fix TODO and FIXMEs)
   - A quick grep into latest code revealed around 32 of TODOs and 8
      FIXMEs. Needs delving into the code to fix.

I have listed an overall approach towards merging the code from the topic
branch and fixing these and other bugs that may arise. I'd request for
feedback around this rough proposal in order to improve it. Should I dig in
deeper and figure the code details in order to make a convincing proposal?
Should I include the details for every bugfix or improvement I intend to
make to the tool? Also there is a todo list for nping related tasks(
https://svn.nmap.org/nmap/todo/nping.txt), can somebody confirm if its up
to date and if the tasks marked done are part of the main branch? Also, are
these still valid after the code changes available in the topic branch?
Thanks.


--
Ibrar Arshad

_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: