GSoC : CPE , SCTP ,Update feed

[ambarisha b <b.ambarisha () gmail com>]

Hi,

Since the student application period for GSoC has started, I thought I
better start with the real proposal.I was hoping to work on features
like conversion of nmap databases into CPE and more.I have written a
draft and noted the inputs from:

http://seclists.org/nmap-dev/2011/q1/989

Currently,I am working on what can be done with the fingerprint line
to see if we can sensibly break it so as to be used later with some
string matching algorithm.

I also read about the update feed mechanism which ,I think, is a
crucial feature.I have yet to study the update feed mechanisms of
Metasploit vs OpenVAS.I will try to make a draft of advantages of each
if needed.I will get back as soon as I have progress to report.

One more idea I had in mind was adding SCTP support for NSE.But there
was mention of some problems being reported about the SCTP
functionality.First that has to be investigated.There are a lot of
other things that would be quite useful that are still pending in the
todo like using SCTP also for service probing and for OS detection.One
instance of the later is noted in the todo.So, I thought having SCTP
functionality integrated more strongly into nmap would be a great
idea.What is the priority on
this? Is anybody already working on it?How would this scale up as a
GSoC project for the summer ? Are there any points specific to these
ideas that I need to address in the proposal?

Cheers
Ambarisha
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/