Nmap Development mailing list archives
2006 Nmap Survey Feature Results
From: Fyodor <fyodor () insecure org>
Date: Tue, 25 Apr 2006 00:35:50 -0700
So after deleting 462 spam/duplicate Nmap survey submissions (mostly from one idiot), we garnered an impressive 3,243 responses! That is more than 75% greater than the 1,854 responses in 2003, which was in turn 55% greater than the 1,200 submissions in 2000. It is nice to see the community continue to grow! While brainstorming ideas for Google SoC projects, I wrote a script to tabulate the survey feature poll. I'm relieved to see that the three joke entries were at the very bottom. At the top was 2nd generation OS detection, which is perfect because that is the next big feature I plan to work on. Improving performance ranked next -- that is always popular with users. Next came state descriptions, diffing between two scans, easy Internet data file updates, vulnerability assessment, graphical network diagrams, then traceroute support. The least desired feature was to translate Nmap to new languages. This isn't an entirely fair result, since the users most interested in this probably couldn't read the English-language survey :). But Nmap has tons of English-as-a-second-language users (possibly around half), yet most of them apparently prefer using the original English rather than a translation to their native tongue. It received the fewest 'excellent' responses (5.8%) of any non-joke feature. But translation wasn't the most hated feature -- it scored lowest because 64.8% were neutral to it. Only 6.8% thought it was bad. The most hated was "vulnerability exploitation", with 19.9% negative. I'm glad people recognize that would be taking Nmap well beyond its scope. If I do anything with Nmap and exploitation, it will probably just be working with HD Moore to ensure that Metasploit Framework can import Nmap results well. Now with my blabbing out of the way, here are the raw results. They are sorted by "points" value, which I consider to be the most important number. That gives every submission a fixed number of points to "spend" on features. So someone who only lists a few features as 'excellent' has a larger effect on those few features than someone who lists half the survey as 'excellent'. Relatively brief feature descriptions are used. If you don't remember what a feature is, look back at the survey (http://www.insecure.org/nmap/survey.html) for the more detailed description. Second Generation OS Detection (3099 votes): 7.24 points BAD: [> ] 4 (0.1%) NEUTRAL: [=> ] 153 (4.9%) GOOD: [===> ] 471 (15.2%) GREAT: [==========> ] 1586 (51.2%) EXCELLENT: [=====> ] 885 (28.6%) Improved performance (3050 votes): 7.13 points BAD: [> ] 5 (0.2%) NEUTRAL: [=> ] 190 (6.2%) GOOD: [===> ] 531 (17.4%) GREAT: [========> ] 1211 (39.7%) EXCELLENT: [=======> ] 1113 (36.5%) Give reasons for state descriptions (3045 votes): 7.13 points BAD: [> ] 8 (0.3%) NEUTRAL: [=> ] 121 (4.0%) GOOD: [===> ] 540 (17.7%) GREAT: [=========> ] 1391 (45.7%) EXCELLENT: [======> ] 985 (32.3%) Show differences between two scans (3085 votes): 6.94 points BAD: [> ] 10 (0.3%) NEUTRAL: [=> ] 142 (4.6%) GOOD: [====> ] 632 (20.5%) GREAT: [========> ] 1283 (41.6%) EXCELLENT: [======> ] 1018 (33.0%) Update fingerprints to latest version from 'Net (3083 votes): 6.89 points BAD: [> ] 44 (1.4%) NEUTRAL: [=> ] 189 (6.1%) GOOD: [===> ] 526 (17.1%) GREAT: [========> ] 1228 (39.8%) EXCELLENT: [=======> ] 1096 (35.5%) Vulnerability assessment (3106 votes): 6.49 points BAD: [=> ] 195 (6.3%) NEUTRAL: [==> ] 251 (8.1%) GOOD: [===> ] 433 (13.9%) GREAT: [======> ] 949 (30.6%) EXCELLENT: [========> ] 1278 (41.1%) Create graphical network diagrams from XML output (2957 votes): 5.36 points BAD: [> ] 43 (1.5%) NEUTRAL: [===> ] 425 (14.4%) GOOD: [=====> ] 855 (28.9%) GREAT: [=====> ] 797 (27.0%) EXCELLENT: [=====> ] 837 (28.3%) Traceroute (3026 votes): 5.26 points BAD: [> ] 32 (1.1%) NEUTRAL: [==> ] 394 (13.0%) GOOD: [======> ] 879 (29.0%) GREAT: [========> ] 1216 (40.2%) EXCELLENT: [===> ] 505 (16.7%) Proxy scan-through (2929 votes): 5.24 points BAD: [> ] 16 (0.5%) NEUTRAL: [===> ] 422 (14.4%) GOOD: [=====> ] 813 (27.8%) GREAT: [=======> ] 1077 (36.8%) EXCELLENT: [====> ] 601 (20.5%) Scripting/Module support (2945 votes): 5.14 points BAD: [> ] 25 (0.8%) NEUTRAL: [====> ] 590 (20.0%) GOOD: [=====> ] 729 (24.8%) GREAT: [======> ] 924 (31.4%) EXCELLENT: [====> ] 677 (23.0%) Distributed scanning (2994 votes): 4.72 points BAD: [> ] 62 (2.1%) NEUTRAL: [====> ] 625 (20.9%) GOOD: [=====> ] 811 (27.1%) GREAT: [=====> ] 722 (24.1%) EXCELLENT: [=====> ] 774 (25.9%) IPv6 raw-type scanning support (2941 votes): 4.64 points BAD: [> ] 3 (0.1%) NEUTRAL: [====> ] 640 (21.8%) GOOD: [=====> ] 818 (27.8%) GREAT: [======> ] 971 (33.0%) EXCELLENT: [===> ] 509 (17.3%) .nmaprc for storing defaults (2958 votes): 4.60 points BAD: [> ] 43 (1.5%) NEUTRAL: [===> ] 457 (15.4%) GOOD: [=======> ] 1031 (34.9%) GREAT: [=======> ] 1041 (35.2%) EXCELLENT: [==> ] 386 (13.0%) XML output to database exporter (2946 votes): 3.99 points BAD: [> ] 50 (1.7%) NEUTRAL: [=====> ] 821 (27.9%) GOOD: [======> ] 858 (29.1%) GREAT: [=====> ] 725 (24.6%) EXCELLENT: [===> ] 492 (16.7%) Fixed-rate packet sending option (2884 votes): 3.66 points BAD: [> ] 34 (1.2%) NEUTRAL: [=====> ] 766 (26.6%) GOOD: [=======> ] 1057 (36.7%) GREAT: [=====> ] 725 (25.1%) EXCELLENT: [==> ] 302 (10.5%) Input targets from DNS zone transfer (2855 votes): 3.57 points BAD: [> ] 41 (1.4%) NEUTRAL: [=====> ] 764 (26.8%) GOOD: [=======> ] 1010 (35.4%) GREAT: [=====> ] 737 (25.8%) EXCELLENT: [==> ] 303 (10.6%) Vulnerability exploitation (3067 votes): 3.30 points BAD: [====> ] 609 (19.9%) NEUTRAL: [==> ] 399 (13.0%) GOOD: [===> ] 515 (16.8%) GREAT: [====> ] 670 (21.8%) EXCELLENT: [=====> ] 874 (28.5%) libnmap C++ library (2838 votes): 3.27 points BAD: [> ] 28 (1.0%) NEUTRAL: [=======> ] 1053 (37.1%) GOOD: [=====> ] 804 (28.3%) GREAT: [====> ] 596 (21.0%) EXCELLENT: [==> ] 357 (12.6%) New/improved UNIX frontend (3021 votes): 3.25 points BAD: [=> ] 108 (3.6%) NEUTRAL: [=======> ] 1039 (34.4%) GOOD: [=====> ] 812 (26.9%) GREAT: [====> ] 630 (20.9%) EXCELLENT: [===> ] 432 (14.3%) New MS Windows GUI and interactive results viewer (3010 votes): 2.86 points BAD: [==> ] 254 (8.4%) NEUTRAL: [=======> ] 1073 (35.6%) GOOD: [====> ] 622 (20.7%) GREAT: [====> ] 597 (19.8%) EXCELLENT: [===> ] 464 (15.4%) Hosted service to scan your network(s) (2929 votes): 2.60 points BAD: [==> ] 255 (8.7%) NEUTRAL: [======> ] 932 (31.8%) GOOD: [=====> ] 756 (25.8%) GREAT: [====> ] 667 (22.8%) EXCELLENT: [==> ] 319 (10.9%) Translate Nmap itself (2951 votes): 0.95 points BAD: [=> ] 201 (6.8%) NEUTRAL: [============> ] 1911 (64.8%) GOOD: [===> ] 425 (14.4%) GREAT: [==> ] 243 (8.2%) EXCELLENT: [=> ] 171 (5.8%) Animated paper clip to help formulate scans (3031 votes): -2.50 points BAD: [===========> ] 1764 (58.2%) NEUTRAL: [===> ] 434 (14.3%) GOOD: [==> ] 320 (10.6%) GREAT: [=> ] 212 (7.0%) EXCELLENT: [==> ] 301 (9.9%) Occasional bogus results to keep users attentive (2952 votes): -3.58 points BAD: [============> ] 1918 (65.0%) NEUTRAL: [===> ] 475 (16.1%) GOOD: [==> ] 242 (8.2%) GREAT: [=> ] 123 (4.2%) EXCELLENT: [=> ] 194 (6.6%) Evil DRM and obnoxious EULA (2982 votes): -4.34 points BAD: [==============> ] 2137 (71.7%) NEUTRAL: [===> ] 420 (14.1%) GOOD: [=> ] 169 (5.7%) GREAT: [=> ] 117 (3.9%) EXCELLENT: [=> ] 139 (4.7%) Cheers, Fyodor _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev
Current thread:
- 2006 Nmap Survey Feature Results Fyodor (Apr 25)