RE: Nmap GUI

[Will Beers <whbeers () mbio ncsu edu>]

My submitted application for the summer of code is actually a web
(php+mysql) based front end and scripted scan management app to Nmap.  I've
dubbed the idea "NmapWBFE".

The background of my idea is that I run a couple small-medium network at my
campus, and in order to monitor systems with open ports, I have cronjobs
setup to do an nmap scan of my subnets utilizing a blacklist of hosts that
take too long to scan.  It takes the results, and outputs them to files
stored in a .htaccessed part of the web server running on the same machine,
and I can periodically check the scans and manually compare them to see
when a specific port opened up on a certain machine.  What I've wanted to
do is make a nice interface for all of this, that includes the following
functionality (and any requests as well):

--manually or automatically add hosts that take too long to scan to a list
in the database, this behavior should be configurable
--manually scan with a fully configurable set of options/parameters to the
scan via he web interface, store this scan to be easily retrieved or
performed in the future, and/or schedule this scan to run at certain times
of the day/days of the week/etc.
--have an easy to navigate and configure report of which hosts have what
port open
--be able to flag certain ports as "safe", so that they will not be
included in the report
--query for machines by open port, query for ports open by machine, or any
other useful combination that either I or the community think of
--query historical data for scheduled scans to see exactly what date/time a
port was first noticed as being open
--query to see what times of day certain systems arrive on the network, or
whether certain hosts are never seen on the network (would help to clear
clutter out of host registration DBs)
--who knows what other useful functions it could perform.

Specifically it would answer these requests very easily:

  >Some suggestions for the GUI would include:
  >- - Store scanning scripts that could save settings and parse results
  >in search of specific results, so that findings and warnings could be
  >automated
  >- - Have some common scan scenarios predefined as scripts, like:
  >firewall testing, IPv6 check, minimal paranoid scan, Windows server
  >full scan, Web Server check, etc.
  >- - Scripts should be able to call other nmap or external scripts to
  >make it extensible and enable users to build several layers of
  >automation based on previous results
  >- - Direct connection to databases for storing results and comparing
  >them over different tests or at different dates


I'd really like to code this up whether I'm accepted for the summer of code
or not, and having suggestions from the community would be very helpful, as
well as feedback as to whether it would be a useful application for many
people.  The only request I believe I could not match is the ability for it
to be multilingual, as I only speak english and a tiny amount of spanish.
I'm sure there would be plenty of people in the community willing to help
with this though, and any pointers as to how to make the app flexible for
this purpose at the code level would be appreciated.


Will Beers

PS: I apologize if this email isn't parsed correctly as a reply, as I'm 
replying to an email I only see on the online archive since I just now
joined the list. (and, sorry if this got posted twice, but i sent it out 3 
hours ago and it's still not showing up, so i'm guessing the problem was my 
s/mime sig - removed it).


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev