Re: Ideas for verbose data file path reporting

["DePriest, Jason R." <jrdepriest () gmail com>]

On 6/4/07, David Fifield wrote:
> I'm working on giving Nmap the ability to tell you where it loaded its
> data files from. For example, you could use the --datadir option to ask
> for a different nmap-services, and Nmap would say that nmap-services
> came from that directory while the other files it used came from
> /usr/local/share/nmap. I'd like some feedback on my ideas on how best to
> present the information.
>
> While usually all the data files will be loaded from their primary
> directory, each one is searched for individually in a list of
> directories, so they could all be in different places. And with the new
> --servicedb and --versiondb options in the soc07 branch, they could even
> have different names than they normally do. nmap-services could be
> loaded from /tmp/my-favorite-services, for example.
>
> In all of these examples, nmap-service-probes and nmap-rpc are in the
> default /usr/local/share/nmap with their default file names, nmap-os-db
> is in /home/david/.nmap with its default file name, and nmap-services is
> in /home/david with the file name services-few.
>
> The examples are not mutually exclusive. I have labeled them only to
> make them easier to discuss. Ideas from all three could be combined,
> etc.
>
> Example A: List directories and their data files when the file names
> have not changed, then list each data file with a changed file name
> individually.
>
>         Read from /usr/local/share/nmap: nmap-service-probes nmap-rpc.
>         Read from /home/david/.nmap: nmap-os-db.
>         Read nmap-services as /home/david/services-few.
>
> Example B: List every data file individually, giving a description of
> the file's purpose rather than its default file name. This format has
> some
>
>         Read service probes from /usr/local/share/nmap/nmap-service-probes.
>         Read known RPC numbers from /usr/local/share/nmap/nmap-rpc.
>         Read OS fingerprints from /home/david/.nmap/nmap-os-db.
>         Read service port numbers from /home/david/services-few.
>
> Example C: Group unchanged file names by directory, then list each
> changed file name individually. In each case, specify whether the source
> is a file or a directory.
>
>         Loaded nmap-service-probes, nmap-rpc from the directory /usr/local/share/nmap.
>         Loaded nmap-os-db from the directory /home/david/.nmap.
>         Loaded nmap-services from the file /home/david/services-few.
>
> Note that none of these options mentions data files that were not used.
> I think it's useful to show which files were opened and which were not.
>
> What do you think?
>
> David Fifield

I think Example B provides the most useful information in the easiest
to understand at a glance format..

Since a person can name a file whatever they want, I could have a file
called /home/depriest/happy-fun that contains service information.

Seeing 'service port numbers' conveys what it is for better than 'nmap-services'

Of course, that would require additional translations for non-English versions.

-Jason

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org