Re: Time for Nmap SoC! Project ideas wanted.

[jah <jah () zadkiel plus com>]

On 12/03/2008 07:24, Fyodor wrote:
> o Zenmap developer to continue to improve and extend Nmap's new cross-platform GUI
>   o Anyone here have ideas for what you'd most like to see in Zenmap?
>   
I'd love to see more network visualisation in zenmap -
raidalnet/umitmapper style.  Zenmaps killer feature, for me, is the
Compare tool which basically rocks and I think  integrated network
visualisation would add to the rockingness.
> o Nmap Scripting Engine infrastructure architect to improve the NSE platform
> o Nmap Scripting Engine script developer to write a bunch more scripts
>   for us.
>    o Anyone have ideas of scripts you'd love to see?
>   
I'd like to see more debugging for NSE to help with writing scripts, I'd
like to see debugging output along the lines of Lionel Cons suggestion
[1] for stdnse.print_debug(), but also for --script-trace output.
> o Collect top ports data so that we can say things like "scan just the
>   100 most common TCP ports".  The feature already exists, we just need
>   the data.
>   
This will be great when it happens and I'd like to see top ports
available in profiles such as The Internet, Enterprise Environment,
Vulnerable Services
> o A testing framework that could be run (particularly before new
>   releases) to insure that things are working properly.  Maybe it could
>   even go so far as scan machines such as scanme.nmap.org to make sure
>   OS detection works correctly, etc.
>   
This would be great not only to check that nmap works as expected before
releases (and during testing), but also when experimenting with command
line parameters in day-to-day use such as when tying to discover the
minimum scanning needed for a result at a certain level of accuracy.
> o Raw-packet IPv6 support so you could do SYN scan, etc.  Does anyone here use IPv6.
>
> o Windows IPv6 support.  Again, does anyone want this?
>   
At some point in the future, everyone will want this and I think it
would be great to get started.
> o Embedded Nmap work--Nmap on the OLPC, Nokia Internet Tablets, and similar devices.
>   
including smartphone OS's such as Symbian and Windows Mobile.


I'd like the option to gracefully end a scan if nmap detects dropped
probes against ports that previously responded and an option to pause a
scan in such a circumstance and periodically check those ports and
resume scanning if responses are received perhaps within a
--host-timeout window.

I often find myself saving text documents containing long nmap command
lines so I can apply them to targets consistently over long periods. 
Zenmaps profiles can be useful here, but I don't always want to use
zenmap and I think that profiles would be quite useful for the command
line especially when running nmap from a USB drive.

Regards,

jah

[1] stdnse.print_debug() enhancements -
http://seclists.org/nmap-dev/2007/q4/0770.html

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org