Nmap GSoC 2009 Report

[Fyodor <fyodor () insecure org>]

Hello everyone.  Google SoC ended last month and things are starting
to settle down, so it is time to look at the results.  First, let's
review the completion stats for previous years:

2005: Success rate 70% (7/10)
Full report: http://slashdot.org/comments.pl?sid=183143&cid=15133184

2006: Success rate 80% (8/10)
Full report: http://seclists.org/nmap-dev/2007/q1/235

2007: Success rate: 83% (5/6)
Full report: http://seclists.org/nmap-dev/2007/q4/24

2008: Success rate: 86% (6/7)
Full report: http://google-opensource.blogspot.com/2008/11/nmaps-fourth-gsoc-success-stories-and.html

I'm proud that our success rate improved in each of those four years,
and I'm delighted to announce that we set a new record for 2009!  This
year every single one of the students passed--a 100% success rate!
I'd like to offer big congratulations to Patrick, Ithilgore, Luis,
Josh, Venkat, and João, as well as my thanks to David for mentoring
half of them.  I'd also like to thank the Nmap community members who
helped with testing, bug reports, and advice throughout the summer.
Of course Google also deserves thanks for coordinating and bankrolling
this whole thing!

Now for the meat of this report: what did the students actually
accomplish?

Ithilgore spent the summer creating a new application from scratch:
the high speed Ncrack network authentication cracker.  This is a great
tool for auditing your systems and devices for weak passwords.  I
demanded efficiency, but Ithilgore went way beyond the call of duty.
For example he carefully analyzed the SSH protocol before hacking the
OpenSSH library for optimal performance and then documenting that work
at http://seclists.org/nmap-dev/2009/q3/428.  Ncrack also handles
http, https, ftp, and telnet protocols, with more on the way!  An
alpha release is already available in source format along with Windows
and Mac OS X installers.  Learn more or download Ncrack from
http://nmap.org/ncrack/.

Patrick Donnelly has been an active developer since SoC 2008.  This
year he was the Nmap Scripting Engine Infrastructure Manager, a
natural choice given his deep knowledge of NSE. He designed and
implemented a number of innovations including Boolean operators for
the --script option and richer syntax for --script-args.  Even more
importantly, he fixed several bugs that caused mysterious hangs and
crashes.  He also sped up NSE by increasing parallelism, made the http
module support caching, and added a system for detecting incorrect use
of global variables.  Patrick gave a presentation on NSE and his work
at the Lua Workshop in Rio de Janeiro.

Luis MartinGarcia created Nping, a multi-platform network probing
utility.  Think of it as Hping on steroids, allowing you send a wide
variety of raw packets (TCP, UDP, ICMP, plain IP, IPv6, ARP, etc.) and
analyze the responses.  In the future we plan to add a special server
mode which listens on the target system and reports back to the client
for network trace reconstruction.  Analyzing packets as received by
the target will allow the user to detect network address translation,
header field munging, and more.  A beta release is already available
in source format along with Windows and Mac OS X installers.  Learn
more or download Nping from http://nmap.org/nping/.

Josh Marlow was a feature creeper focusing on Zenmap and the Nmap
core.  He developed a talent for performance measurement, speeding up
Zenmap startup and results processing.  His biggest user-visible
improvement is Zenmap's new host filtering feature which allows you to
narrow down scan results to just those hosts you are interested
in. For example, you might scan a huge network then decide to drill
down your view to only the Linux machines or only servers running
Microsoft IIS 5.0.  Josh presented the Zenmap filtering mechanism at
NeighborCon in Knoxville and Las Vegas.

Venkat Sanaka was a feature creeper with a specialization in Ncat.  He
became something of an OpenSSL expert and pioneered Ncat SSL support
improvements including client certificate authentication, SSL
fallbacks for SSLv3- and TLSv1-only servers, and wildcard certificate
verification. Venkat made many non-SSL improvements as well.

João Correa spent the summer writing scripts and libraries for the
Nmap Scripting Engine, with a particular focus on HTTP.  He improved
open proxy detection (including adding a SOCKS proxy detection
script), improved SSL support (for numerous protocols) with his
comm.tryssl system, dramatically sped up many http requests by adding
pipelining support, and he also added http cookies and post/head
request support.  He also overhauled the favicon DB and HTTP
enumeration scripts.  Check out http://nmap.org/nsedoc/ to see all the
things NSE can do now!

These are all just highlights of the great work these students
performed over the summer.  For more details, see the Nmap Changelog
(http://nmap.org/changelog.html).

Most of these improvements are already integrated in Nmap 5.00
(http://nmap.org/5/), and the rest are in our SVN repository version
(http://nmap.org/book/install.html#inst-svn).  A new release is
expected in the next two weeks.

Please join me in congratulating all these students for their
excellent work!  I'm particularly pleased that many of them have
continued contributing even after the summer has ended.  I'm looking
forward to GSoC 2010 (assuming it is held again and Google invites
us), but 2009 will be a tough year to top!

Cheers,
Fyodor
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/