Nmap Development mailing list archives
Re: GSoC : CPE , SCTP ,Update feed
From: ambarisha b <b.ambarisha () gmail com>
Date: Sun, 3 Apr 2011 18:15:09 +0530
On Fri, Apr 1, 2011 at 11:16 AM, David Fifield <david () bamsoftware com> wrote:
One more idea I had in mind was adding SCTP support for NSE.But there was mention of some problems being reported about the SCTP functionality.First that has to be investigated.I don't remember hearing of problems with SCTP in NSE? Can you remind me what they were?
May be I was a bit unclear,I meant the normal -sY/-sZ scans.Have a look at this discussion tagged in the todo:http://seclists.org/nmap-dev/2009/q2/672.It might just be a misconfiguration in the network.Still its worth a look.Presently, I get all the ports filtered.Perhaps, scanme.csnc.ch is now firewalled ? The idea is to add SCTP support for NSE.I was hoping to add functionality to parse SCTP headers for packet module in NSE, to get a clear idea of what would be involved as a mockup. What do you say ?
I also read about the update feed mechanism which ,I think, is a crucial feature.I have yet to study the update feed mechanisms of Metasploit vs OpenVAS.I will try to make a draft of advantages of each if needed.I will get back as soon as I have progress to report.
I looked at the thandy updater, but there was a little problem as their demo link isn't working.I also came across this other framework TUF written by the authors of the linked paper on attacks targeting packet managers.It hasn't undergone much testing,but is worth a look.I still need to research a bit more on this to write a concrete proposal.Are we targeting at a complete software updater or just the databases and the scripts?Any particular inclinations or other requirements?I guess, it will also become easy to apply patches after this, right?
"ncat --sctp" is a good tool for setting up dummy servers for testing.
Yeah, that was what I had in mind. Cheers Ambarish _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Re: GSoC : CPE , SCTP ,Update feed ambarisha b (Apr 03)
- Re: GSoC : CPE , SCTP ,Update feed David Fifield (Apr 06)
- Re: GSoC : CPE , SCTP ,Update feed Daniel Roethlisberger (May 03)
- Re: GSoC : CPE , SCTP ,Update feed David Fifield (May 03)
- Re: GSoC : CPE , SCTP ,Update feed Daniel Roethlisberger (May 04)
- scanme.roe.ch SCTP services over IPv6 (was: GSoC : CPE , SCTP , Update feed) Daniel Roethlisberger (May 04)
- Re: scanme.roe.ch SCTP services over IPv6 (was: GSoC : CPE , SCTP , Update feed) David Fifield (May 04)
- Re: GSoC : CPE , SCTP ,Update feed David Fifield (May 03)