Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Potential SoC Idea

From: doug () hcsw org
Date: Tue, 15 May 2007 18:23:20 -0700
Hi nmap-dev/SoC!

I'm working on a pretty large patchset that I hope to release to the list
sometime this evening but I just thought of an extremely useful medium
difficulty SoC project.

Nmap comes with a number of "database" files that contain all sorts of
information from service/protocol names to OS signatures. Sometimes it
is useful, especially during development, to modify and test these files.
In my opinion the current interface for specifying custom files is a bit
clunky: create a new directory, copy in all the data files you need for your
scans, then pass that directory to Nmap with the --datadir switch or the
NMAPDIR environment variable.

This is sometimes inconvenient and also has its limitations. The biggest
of which is you need to have a separate directory for each combination of
data files required.

Also inconvenient is that all data files must be named by their exact name
"nmap-whatever", leaving you only their location on the file system for
documentation and requiring a separate directory to document each combination
of files with copies of or symlinks to all the other data files you need.

An obvious solution is to have a special switch for each data file so you
can "override" the exact location of a given data file but continue using
data files in the default location. Something like:

nmap --nmap-services-location /path/to/nmapdir ...

But creating a switch for each file introduces lots of maintenance and
documentation issues. Can we do better?

A possible medium-difficulty SoC task idea that anybody is free to
take over is to make a switch that "overrides" the location of any particular
nmap data file. Something like this:

nmap --datafile-override nmap-services=/path/to/it \
     --datafile-override nmap-protocols=/somewhere/else ...

Most (all?) of nmap's data files are opened through the following function
in nmap.cc:

int nmap_fetchfile(char *filename_returned, int bufferlen, char *file);

This function might be the best place to perform the "override".

Best,

Doug

Attachment: signature.asc
Description: Digital signature


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
Previous By Date Next
Previous By Thread Next

Current thread: