Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: RFC: New Nping "Echo Mode"

From: "Luis MartinGarcia." <luis.mgarc () gmail com>
Date: Wed, 30 Jun 2010 13:21:15 +0200
Hi Drazen,

Thanks for your comments. I reply to some of your ideas:

On 06/28/2010 12:39 AM, Dražen Popović wrote:

If it was me using the echo mode I would very much like to see the RFC
like output style. 
  


I like it too. I have discussed this with Fyodor and we both think Nping
could offer that kind of output, but it doesn't specifically relate to
the echo mode, so I've put that in the todo list, so it gets implemented
at some point, after the echo mode is ready. For the moment I think we
are going for a less surprising kind of output.


Now the "nping --echo-server" thingy. It would be great if nping would
have some mechanisms which would, once invoked with the --echo-client,
start a new instance of a "nping --echo-server" and when done terminate
the service. 


I can easily make the server quit after one session, but starting the
server remotely by Nping itself may be a lot harder to implement. I
think for the moment, users will have to ssh to their server box manually.



Other things that interests me is the NEP protocol. Which authentication
methods it uses? Why make a new protocol? Can an existing one be used
instead? 


I've just sent an email to the list about that (subject: "Nping Echo
Protocol : Request for comments"). The authentication mechanism is a
slightly modified version of the three-way authentication handshake,
describe in the X.509 recommendation.

About the need for a new protocol, we have no choice. We can make it
simpler or more complex but I don't think we can reuse any existing
protocol for this. We need a way for both the echo client and echo
server to undestand each other, and I don't think there is a protocol
that can be used for this without major modifications. About the
authentication, as I said, I tried not to reinvent the wheel, reusing an
existing authentication protocol. However, I still ended up having to
include extra information. I am far from being an expert on cryptography
so It is very possible that I've missed something and there are probably
a few different attacks to the system.


Regards,


Luis MartinGarcia.


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: