Nmap Development mailing list archives
Re: RFC: New Nping "Echo Mode"
From: "Luis MartinGarcia." <luis.mgarc () gmail com>
Date: Wed, 30 Jun 2010 13:21:15 +0200
Hi Drazen, Thanks for your comments. I reply to some of your ideas: On 06/28/2010 12:39 AM, Dražen Popović wrote:
If it was me using the echo mode I would very much like to see the RFC like output style.
I like it too. I have discussed this with Fyodor and we both think Nping could offer that kind of output, but it doesn't specifically relate to the echo mode, so I've put that in the todo list, so it gets implemented at some point, after the echo mode is ready. For the moment I think we are going for a less surprising kind of output.
Now the "nping --echo-server" thingy. It would be great if nping would have some mechanisms which would, once invoked with the --echo-client, start a new instance of a "nping --echo-server" and when done terminate the service.
I can easily make the server quit after one session, but starting the server remotely by Nping itself may be a lot harder to implement. I think for the moment, users will have to ssh to their server box manually.
Other things that interests me is the NEP protocol. Which authentication methods it uses? Why make a new protocol? Can an existing one be used instead?
I've just sent an email to the list about that (subject: "Nping Echo Protocol : Request for comments"). The authentication mechanism is a slightly modified version of the three-way authentication handshake, describe in the X.509 recommendation. About the need for a new protocol, we have no choice. We can make it simpler or more complex but I don't think we can reuse any existing protocol for this. We need a way for both the echo client and echo server to undestand each other, and I don't think there is a protocol that can be used for this without major modifications. About the authentication, as I said, I tried not to reinvent the wheel, reusing an existing authentication protocol. However, I still ended up having to include extra information. I am far from being an expert on cryptography so It is very possible that I've missed something and there are probably a few different attacks to the system. Regards, Luis MartinGarcia. _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- RFC: New Nping "Echo Mode" Luis MartinGarcia. (Jun 27)
- Re: RFC: New Nping "Echo Mode" Dražen Popović (Jun 27)
- Re: RFC: New Nping "Echo Mode" Luis MartinGarcia. (Jun 30)
- Re: RFC: New Nping "Echo Mode" Fyodor (Jun 28)
- <Possible follow-ups>
- Re: RFC: New Nping "Echo Mode" Luis MartinGarcia. (Jun 30)
- Re: RFC: New Nping "Echo Mode" Dražen Popović (Jun 27)