Re: [ANNOUNCEMENT] Umit 0.9.1-RC1

["Adriano Monteiro" <py.adriano () gmail com>]

Hi Fyodor!

> I also think UMIT is ready to move beyond the -dev list.  Feel free to
> send an announcement for this or the next version to the 40,000
> nmap-hackers.

Ok! I'll be releasing a RC2 pretty soon, with more bug fixes, and I'll
send an announcement to the nmap-hackers also.

> UMIT is also a lot better than NmapFE at this point, IMHO.  It is
> cross-platform, is actively developed, uses the stable Nmap XML
> format, and has a powerful search interface.  You can't say any of
> that about NmapFE.  I think we should try to get this distributed with
> the next stable version of Nmap, which is probably two or three months
> away.  I hope that version will also contain NSE and the new OS
> detection system with a comprehensive database.

Good! I think that with some effort, we can make a stable release for
Umit in 3 months. It's time enough for users point bugs and sugest
improvements.

> So I went to the download page and was confronted by choices such as
> 'Umit-0.9.1-RC1.exe' and 'umit-0.9.1.tar.bz2'.  Is "0.9.1-RC1" the
> same as "0.9.1"?  The files were all uploaded on September 1, but the
> name is different and I encountered different behavior between them
> (particularly in tab naming, tab closing, and tab scrolling when you
> have many tabs).  But that could possibly just be based on Linux
> vs. Windows platform differences.

They're the same! The difference you note was related to the platform
behavior, unfortunately.

> Anyway, I started with the Windows version.  The first thing I noticed
> is that the size has been reduced more than 50% from 18MB to less than
> 8MB.  Much better!  Also, the installer was smooth and didn't require
> explicit installation of half a dozen dependencies.  I think shipping
> with a compiled EXE like you are doing now is the way to go.

I think that with more effort I can reduce it even more. But I'm
leaving this effort to the time we're going to distribute it with
Nmap.

> Once it started, I tried Help -> About and nothing happened.  Help ->
> Help only gave me a dialogue saying that help hasn't been implemented.

I think that the 0.9.1 was shipped with a lack os pixmaps! An error
during the compilation process avoided the copy of the pixmaps to the
installer. I'm releasing a new version with then, so you'll be able to
see the splash screen (that I'm supposing that you didn't see) and
open the About dialog (that I'm supposing that wasn't openned because
of an error due to the lack of the umit logo image).

> I like the way you can now select through the "Nmap output" screen and
> you click the "Services" button on the left to view just hosts with a
> certain service available, that feature doesn't seem to work on the
> "Nmap output" pane.  Maybe you should either make it work (show just
> Nmap output related to systems with the given port available), or
> simply change to a different pane such as "Ports/Hosts" when someone
> clicks "Services".

When you select a host, the nmap output will show the host output. The
release 0.9.1 has a bug that shows the first occourrence of data about
that host. With the -v option, Umit will show the first line that has
the host ip/name. The next version is coming with a fix that shows the
exact content for each host (the content bellow "Interesting ports on
...:").
I didn't make anything equivalent for the services view because a
service selection can involve more than one host, and the nmap output
that should be shown when that happen is not clear for me yet. I think
that the idea of changing to the ports/hosts tabs is the better
solution for this issue, and I just put this idea on for the next
release.

> Speaking of the services button, it seems to show all services found
> in any state as long as the port was listed on the "Interesting ports"
> line.  I suppose it is a judgement call, but you may want to consider
> only showing open or open|filtered ports.  Otherwise you get a bunch
> of entries for services which are only closed, and even then it only
> shows cases where the closed port was listed specifically as opposed
> to the many cases where the port might be closed but was grouped
> together in "Not shown: 1670 closed ports".

Fixed!

> We should probably do some branstorming on nmap-dev as to what the
> default profile should be and which ones should be included by
> default.  I also really like that it is so easy to add new ones.

Agree! I think that there are hundreds of Nmap users here that can say
much better profiles to put there.

> I tried to load a big scan created with Nmap by using the "Open Scan"
> option and selecting the XML file.  Unfortuantely it appears that only
> the "UMIT Scan Results" (.umr) type can be loaded.  I suppose one
> issue is that the .xml doesn't include the normal-style Nmap output
> which you load into the "Nmap output" tab.  Is there anything else
> preventing you from loading normal XML output?

The umit results has some adaptations, but it was used to load raw
nmap xml output. Can you send me the xml output that you tried, so I
can try to reproduce the error, and maybe fix it in time for the next
release?

> In Windows (but not Linux), I encountered a minor bug related to
> opening numerous tabs.  When I opened enough tabs to fill up all the
> horizontal window space, the scrolling/placement didn't always work
> correctly.  I used this to try the "Help -> Report a Bug" feature.  It
> gave me a "Could not open default Web Browser" error, but the bug
> apparently got filed anyway on the SF tracker.  Also, the "Report a
> Bug" option only appeared on Windows, not Linux.

The "Could not open default Web Browser" error is because the default
web browser couldn't be openned to show the bug tracker page with your
bug report. Bug, before this error, you should have received another
message confirming that your bug report was filled successfully.


Cheeers!

-- 
Adriano Monteiro Marques
http://umit.sourceforge.net
py.adriano () gmail com

"Don't stay in bed, unless you can make money in bed." - George Burns

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org