RE: How do YOU use Nmap XML?

["Yvan G.J. Boily" <yboily () seccuris com>]

By no means am I am XML expert, however I do use XML a lot in the reporting tools I have created for my employer, as 
well as my
content management system for my own personal web page.

My understanding of it is such that XML elements are used to encapsulate data sets, while attributes define properties 
of that
dataset.

Since the hosts element details the number of hosts that are up, down, and the total, this indicates a set of 
properties of the
dataset.  There is no real way that this data could be extended either; a host is either up or it is down.  That makes 
it a discrete
value.  Using a full element would increase the time (trivially) to parse the file, however, the larger impact is that 
it is not as
readable (to a human).

XML is meant to be a format that is interchangeable, but its biggest advantage over other data formats is that it can 
be read
(ideally) by people as well as by machines.  This is a crucial part of interoperability as programmers (mostly human) 
have to be
able to read XML input and output to be able to verify the implementations during the development cycle.

Just my opinion... But for what its worth, the reporting tools I mentioned do integrate NMAP output, as well as a 
number of other
tools.

Yvan Boily

> -----Original Message-----
> From: Nils Magnus [mailto:magnus () linuxtag org] 
> Sent: Tuesday, November 16, 2004 9:16 AM
> To: Okan Demirmen
> Cc: Fyodor; nmap-dev () insecure org
> Subject: Re: How do YOU use Nmap XML?
>
> Re,
>
> On Tue, Nov 16, 2004 at 08:54:16AM -0500, Okan Demirmen wrote:
> > On Mon 2004.11.15 at 22:48 -0800, Fyodor wrote:
> > > I am currently working on a chapter for the O'Reilly Nmap 
> book which
> > > covers all of the Nmap output formats.  The normal, 
> grepable, and even
> > > s|<riPt KidDi3 output formats are relatively straightforward.
> > > However, I believe that the XML output is under-utilized 
> because many
> > > people fail to recognize the power of the format or don't 
> understand
> > > all the tools for processing and transforming XML.
>
> [...]
>
> > I've tried many of the Namp/XML parsing perl modules out there, and
> > the only one I liked so far was Nmap::Parser by Anthony G Persaud.
> > It's small and simple. However, I still have many other self-written
> > modules wrapping around Nmap::Parser.
>
> Although XML may be helpful at times, I have still gives me some
> headache. The basic syntax may be specified, but there lots of
> unanswered questions. Example: nmap generates the following output:
>
> ...
> <hosts up="1" down="0" total="1" />
> ...
>
> This is perfect from a syntax point of view, but why isn't it 
> formatted as
>
> <hosts>
>   <up>
>     1
>   </up>
>   <down>
>     0
>   </down>
> </hosts> ?
>
> No XML evangelist was able to help me on this issue so far.
>
> The Perl-Parser is ok, but if you compare the amount of time to get
> something useful out of an XML-parser compared to a grep over "-oM",
> the XML will currently always lose.
>
> Regards,
>
> Nils Magnus
> Program-Chair LinuxTag 2004 Free Conference Program
>
> LinuxTag 2004: Where .com meets .org - magnus () linuxtag org
>
> ---------------------------------------------------------------------
> For help using this (nmap-dev) mailing list, send a blank email to 
> nmap-dev-help () insecure org . List archive: http://seclists.org


---------------------------------------------------------------------
For help using this (nmap-dev) mailing list, send a blank email to 
nmap-dev-help () insecure org . List archive: http://seclists.org