Nmap Development mailing list archives

Re: Google/Nmap SoC 2009 Project Ideas?


From: Daniel Roethlisberger <daniel () roe ch>
Date: Sat, 14 Mar 2009 21:51:12 +0100

David Fifield <david () bamsoftware com> 2009-03-14:
> On Sat, Mar 14, 2009 at 04:27:46PM +0100, Daniel Roethlisberger wrote:
> > David Fifield <david () bamsoftware com> 2009-03-14:
> > > On Mon, Mar 09, 2009 at 11:42:03PM +0100, Daniel Roethlisberger wrote:
> > > > o Efficient network topology mapping.  Give Nmap (or Zenmap or even a
> > > >   separate tool) a large network range or multiple ranges, and it will
> > > >   automatically and intelligently determine the network topology
> > > >   with a minimal number of probes / in minimal scan time, i.e. don't
> > > >   do a full traceroute on each and every IP address.  There are many
> > > >   ways to cut down the number of probes required versus the naïve
> > > >   approach, including making educated guesses at subnetting, and
> > > >   intelligently verifying those using a minimal number of probes (think
> > > >   binary search through possible/likely subnet layouts).
> > >
> > > Vladimir Mitrovic, a Summer of Code student last year, wrote a prototype
> > > that I think matches what you describe.
> > >
> > > http://seclists.org/nmap-dev/2008/q1/0409.html
> > > http://seclists.org/nmap-dev/2008/q1/att-0409/samplescan_gif
> > >
> > > The original idea was to build it into Zenmap, but it was never
> > > implemented owing to time constraints with other projects. Is this the
> > > kind of thing you were thinking of?
> >
> > Pretty much, yes, except that this prototype runs a full
> > traceroute for each IP address in the range, which is what I'd
> > like to see optimized.
> >
> > For instance, the traceroutes can be done backwards, in order to
> > be able to skip pointless probes to routers already in the
> > topology graph.  From the TTL on received response packets, we
> > know the distance of the target, and then traceroute back until a
> > node is found which is already in the node graph.
>
> Nmap's traceroute already does this optimization within hostgroups, I
> believe.

Yes, now that I look at it again, that's correct, my bad for not
spotting it when I looked at the code to extend it for SCTP.

-- 
Daniel Roethlisberger
http://daniel.roe.ch/
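The backward traceroute discussed in this message, as an added simulation that is not from this thread or from Nmap's code: ROUTES, probe() and the node names are constructed, forward_traceroute() walks TTL 1..distance for every host, and backward_traceroute() starts from the distance implied by the host's reply TTL and walks downward until it meets a hop already in the graph, so shared routers are not re-probed.

```python
# Constructed sample routes: index 0 is the first router, the last entry is the host itself.
ROUTES = {
    "10.0.1.10": ["gw", "r1", "r2", "10.0.1.10"],
    "10.0.1.11": ["gw", "r1", "r2", "10.0.1.11"],
    "10.0.1.12": ["gw", "r1", "r2", "10.0.1.12"],
    "10.0.2.20": ["gw", "r1", "r3", "10.0.2.20"],
    "10.0.3.30": ["gw", "r4", "10.0.3.30"],
}

def probe(target, ttl):
    """Stand-in for sending one probe with the given TTL: returns the hop that answers."""
    return ROUTES[target][ttl - 1]

def forward_traceroute(targets):
    """Naive strategy: walk TTL 1..distance for every host, re-probing shared routers.
    Returns (set of directed edges, number of probes sent)."""
    edges, probes = set(), 0
    for t in targets:
        prev = "scanner"
        for ttl in range(1, len(ROUTES[t]) + 1):
            hop = probe(t, ttl)
            probes += 1
            edges.add((prev, hop))
            prev = hop
    return edges, probes

def backward_traceroute(targets):
    """Backward strategy: the host's reply already gives its distance, so walk TTL
    downward from there and stop at the first hop that is already in the graph."""
    edges, probes = set(), 0
    known = {"scanner"}
    for t in targets:
        dist = len(ROUTES[t])  # hop count inferred from the reply's TTL
        path = [t]             # hops from the host back toward the scanner
        ttl = dist - 1
        while ttl >= 1:
            hop = probe(t, ttl)
            probes += 1
            path.append(hop)
            if hop in known:   # the rest of this route is already mapped
                break
            ttl -= 1
        if path[-1] not in known:  # walked all the way down: first hop attaches to the scanner
            path.append("scanner")
        for far, near in zip(path, path[1:]):
            edges.add((near, far))
        known.update(path)
    return edges, probes
```

On this constructed topology the naive walk sends 19 probes and the backward walk 9, for the same 10 edges. In practice the distance inferred from a reply TTL depends on guessing the host's initial TTL (commonly 64, 128 or 255), and load-balanced paths can answer the same TTL with different routers, so a "known" hop is not guaranteed to lie on the current route.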

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
