Fwd: A few UMIT problems/suggestions

["Guilherme Polo" <ggpolo () gmail com>]

---------- Forwarded message ----------
From: Guilherme Polo <ggpolo () gmail com>
Date: 18/06/2007 14:55
Subject: Re: A few UMIT problems/suggestions
To: Kris Katterjohn <katterjohn () gmail com>

(You will receive this again Kris, sorry)

2007/6/18, Kris Katterjohn <katterjohn () gmail com>:
> Guilherme Polo wrote:
> > Hello Kris,
> >
> > First of all, I'm not UMIT project admin but I'm participating as a
> > SoC student in UMIT.
>
> Hi! I'm an SoC student for Nmap, so we might be talking again :)

Cool ;)

> > > I have noticed a few things while testing out UMIT (off SVN):
> > >
> > > * I haven't done extensive testing yet, but at least on my Ubuntu box
> > > when I try to Save the scan, I get a window pop up to choose where to
> > > save the file and it just freaks out!  It's like there are two of them
> > > sort of overlapping and it jumps between them or something.  It's hard
> > > to explain and won't let me save the scan.  This is the only
> > > window/option I've seen that this happens to, so I don't know how it
> > > could be just me experiencing it because everything else seems to work fine.
> >
> > It doesn't happen here (but that was using my branch).
>
> Hmm.. well, I don't know then :)

I tested trunk and it didnt happen too ;/ is there something I can do
to try to reproduce it ?

> > > * Most of the port info under the Host Details tab after the scan is
> > > done seems to be very wrong.  The "Openned" one is right, but the Closed
> > > and Filtered ones always say 0 (no matter how many there are) and
> > > Scanned just says the same amount as "Openned".
> >
> > Uhm, there are some xml test files and I opened then in UMIT and I saw
> > Closed different than 0. If you can send some xml file it would be
> > good. Those results are parsed from xml output.
>
> I have attached an XML file for a scan, and when opening in UMIT, I
> still get 0 for filtered and closed when you can plainly see there are
> plenty of each :)
>
> Does UMIT use the <extraports> XML directive (I think it's called)
> correctly? That's where it is in this scan.
>
> This is a scan I did through Nmap and just opened through UMIT, so it
> messes up both ways (through UMIT or just passed to it).

First, thanks for the xml =) It helped me discover one bug in
xmlstore, that stores the scans in Network Inventory. (xmlstore is
part of new database schema that me and joao set up for umit). It also
showed I was wrongly retrieving just first entry for extraports in
database (new schema too).

"standard UMIT" (trunk version) is using the same NmapParser I'm using
in my branch, and it does shows correctly both extraports for filtered
and closed state. But as it seems, the GUI is just showing ports
closed when there is something like this: <port protocol="tcp"
portid="22"><state state="closed" /><service name="ssh" method="table"
conf="3" /></port>, and discarding extraport info for closed state.
This is a bug to be reported too.

Thanks again =)


--
-- Guilherme H. Polo Goncalves

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org