Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: [umit-devel] UmitBT 0.8 released

From: Fyodor <fyodor () insecure org>
Date: Fri, 20 Feb 2009 22:13:12 -0800
On Sat, Feb 21, 2009 at 09:09:08AM +0800, devtar wrote:

Greetings,

   The tarball and Windows installer for UmitBT 0.8 are available. Check
them out at http://umitbt.umitproject.org.


Congratulations!  Traditionally UMIT/Zenmap/Nmap have only dealt with
IP-layer protocols, with a little bit of ARP thrown in for efficiency.
Adding Bluetooth is an interesting extension.  I use a lot of BT
devices, so I can definitely see the value.

In many ways, UmitBT has more in common with a tool such as Kismet
than with Umit/Zenmap/Nmap.  I'm not sure that Nmap will ever want to
find WAPs or BT devices (one could argue that it is bloat considering
Nmap's core mission), but it is an interesting idea.

Actually, this sort of thing (Nmap WAP/BT discovery, not all of
UmitBT) could potentially be written as an Nmap NSE script which
executes the proper commands if they exist (e.g. 'iwlist ap') and
parses the data for nice Nmap presentation.  Presumably an equivalent
could be done for Bluetooth.  The value would mostly just be in having
a portable way to list the accessible WAPs (or BT devices) and see the
results in a consistent format.  You could then join the discovered
Wifi network (or pair with a BT device to tether IP through) and start
more serious IP scanning.  I'm not sure if those scripts would be
useful to people or not, but it is definitely an interesting thought
experiment.

Do either of your screen shots on the UmitBT page show SDP discovery
scan results?  The page says they are turned off by default because
the scan "would take a considerable amount of time to complete".  How
long does it usually take?  What sort of data do you get back?

I've CC'd nmap-dev in case some of them want to take a look at UmitBT.
Just as with WiFi detectors such as Kismet, I do think Bluetooth
discovery tools are important.  Adding it to Umit still strikes me as
a bit strange (just as UmitWeb does), but that doesn't make it any
less interesting or less worth trying out!

Cheers,
-F

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
Previous By Date Next
Previous By Thread Next

Current thread: