Nmap Development mailing list archives

Re: GSoC : CPE , SCTP ,Update feed


From: David Fifield <david () bamsoftware com>
Date: Thu, 31 Mar 2011 22:46:28 -0700

On Tue, Mar 29, 2011 at 04:40:36PM +0530, ambarisha b wrote:
> Since the student application period for GSoC has started, I thought I
> better start with the real proposal.

Hi Ambarisha. It's nice to see that you are applying for the Summer of
Code. You've made a good impression with your patches and mailing list
participation.

> I was hoping to work on features like conversion of nmap databases
> into CPE and more. I have written a draft and noted the inputs from:
>
> http://seclists.org/nmap-dev/2011/q1/989
>
> Currently, I am working on what can be done with the fingerprint line
> to see if we can sensibly break it so as to be used later with some
> string matching algorithm.
>
> I also read about the update feed mechanism which, I think, is a
> crucial feature. I have yet to study the update feed mechanisms of
> Metasploit vs OpenVAS. I will try to make a draft of advantages of each
> if needed. I will get back as soon as I have progress to report.

It looks like your proposal will be for Feature Creepers and Bug
Wranglers. It's good to see that you are thinking about some of the
harder issues.

> One more idea I had in mind was adding SCTP support for NSE. But there
> was mention of some problems being reported about the SCTP
> functionality. First that has to be investigated.

I don't remember hearing of problems with SCTP in NSE? Can you remind me
what they were?

> There are a lot of other things that would be quite useful that are
> still pending in the todo like using SCTP also for service probing and
> for OS detection. One instance of the latter is noted in the todo. So, I
> thought having SCTP functionality integrated more strongly into nmap
> would be a great idea. What is the priority on this? Is anybody already
> working on it? How would this scale up as a GSoC project for the summer?
> Are there any points specific to these ideas that I need to address
> in the proposal?

I don't think anyone is working on these. SCTP version detection is a
good idea and I think it could be done without very much effort. OS
detection is more difficult, and your proposal should describe how you
will invent new probes and tests, and measure their effectiveness.

"ncat --sctp" is a good tool for setting up dummy servers for testing.

David Fifield