Nmap Development mailing list archives

Re: Trying to remove loop of anonymous hops in zenmap Topology tab.. Need Help?


From: David Fifield <david () bamsoftware com>
Date: Wed, 28 Mar 2012 18:32:32 -0700

On Wed, Mar 28, 2012 at 11:32:05AM +0530, drake01 wrote:
> I am currently working on zenmap's issue:
> http://seclists.org/nmap-dev/2012/q1/82 (as suggested by Patrik)
> To David,
> David, I am trying to use the patch you submitted for this. I have this
> issue:
> 1) First of all, we want to make any cycle of anonymous hops be converted
> to single anonymous node, right? Like:
>
>          / anon_1---anon_3 \
> ..-> ip_a                   ip_b -> ..  => .. -> ip_a -> anon_1 -> ip_b -> ..
>          \ anon_2 ---anon_4/
>
>
> I found it working for the case of 1-hop loop though.. Are you sure
> it's not working for single loop too..

Okay, this is not quite right. We shouldn't speak of "anonymous" hops
but rather "timed-out" hops because that's what they are. Here it is
wrong to collapse to just one node, because there are two TTL values
represented by the timeouts. You can think of it as there being two
completely separate traces to targets t1 and t2. "o" is the scanning
machine, "a" are hops that responded and have addresses, and "to" are
timeouts.

o -> a1 -> a2 -> a3 -> to1 -> to2 -> a4 -> t1

o -> a1 -> a2 -> a3 -> to3 -> to4 -> a4 -> t2

Zenmap already partially combines these in the way you can see in the
graphic at http://seclists.org/nmap-dev/2012/q1/att-82/trace-anon.png.

                   / -> to1 -> to2 -> \  / -> t1
o -> a1 -> a2 -> a3                    a4
                   \ -> to3 -> to4 -> /  \ -> t2

Those consecutive timeouts should be further collapsed so that it looks
like this:

                                       / -> t1
o -> a1 -> a2 -> a3 -> to5 -> to6 -> a4
                                       \ -> t2

The idea is that even though those timed-out hops may in fact represent
different routers, we assume they are the same because we cannot
distinguish them in the trace anyway.

> 2) I am kinda' unable to find definitions of attributes returned by a trace
> in zenmap.. Since I am new to zenmap code, could you please point me to the
> correct file...  I am not sure
> what exactly hop["ttl"] contains... It should contain consecutive numbers
> in increasing order, increased when any host is encountered during trace...
> right?

Read the comments in zenmapCore/NmapParser.py on the methods of the
HostInfo class.

> 3) I wish to apply for gsoc2012 and work for nmap this summer and
> further... I would like to apply for the role of 1) Web scanning and
> Discovery scanning specialist or 2) Zenmap GUI Developer in order of
> priority..
> Q1- Can I apply for both profiles and write a single proposal or would I
> have to select 1 out of these two..

You should write them both in the same proposal.

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
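
The collapsing rule described in the reply above, as an added example that is not part of the original message and is not Zenmap's code. It assumes a timed-out hop is identified by the last responding hop before it plus its position in the run of timeouts; the list-of-addresses trace format and all names are hypothetical.

```python
# Added example; not Zenmap code. A trace is a list of hop addresses in TTL
# order, with None standing for a timed-out hop (constructed representation).
SCANNER = "o"


def hop_ids(trace):
    """Give each hop a node id. A responding hop is its address. A timed-out
    hop is identified (assumption) by the last responding hop before it and
    its position in the run of timeouts, so one node remains per TTL value."""
    ids, anchor, run = [], SCANNER, 0
    for addr in trace:
        if addr is None:
            run += 1
            ids.append(("timeout", anchor, run))
        else:
            anchor, run = addr, 0
            ids.append(addr)
    return ids


def merge_traces(traces):
    """Return the set of directed edges of the combined topology."""
    edges = set()
    for trace in traces:
        prev = SCANNER
        for node in hop_ids(trace):
            edges.add((prev, node))
            prev = node
    return edges


def nodes(edges):
    """Return every node that appears at either end of an edge."""
    return {n for edge in edges for n in edge}


# Constructed input: the two traces from the message, to targets t1 and t2.
TRACE_T1 = ["a1", "a2", "a3", None, None, "a4", "t1"]
TRACE_T2 = ["a1", "a2", "a3", None, None, "a4", "t2"]

if __name__ == "__main__":
    for src, dst in sorted(merge_traces([TRACE_T1, TRACE_T2]), key=repr):
        print(src, "->", dst)
```

The two traces share a single pair of timeout nodes between a3 and a4, matching the final diagram in the reply, while the two TTL positions stay distinct.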

