Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Vulnerability and Exploitation Specialist

From: Muhammad Junaid Muzammil <mjunaidmuzammil () gmail com>
Date: Wed, 3 Apr 2013 19:43:47 +0500
Hi,

I was getting familiar with the nmap scripting engine and was reading
articles pertaining to nmap. In one of the articles, wikipedia has raised
some legality and ethical issues as nmap has been used for hacking.

http://en.m.wikipedia.org/wiki/Nmap#section_7

How does nmap address these issues?

Regards,
Junaid
On Apr 3, 2013 1:22 PM, "Fyodor" <fyodor () nmap org> wrote:


On Thu, Mar 28, 2013 at 12:07 PM, Muhammad Junaid Muzammil <
mjunaidmuzammil () gmail com> wrote:



I was looking through the gsoc 2013 project list and I am pretty much
interested for the post of Vulnerability and Exploitation Specialist. I do
have some queries here.



 Hi Junaid.  I'm glad to hear that you're considering Nmap SoC.  First,
please not that we aren't really finished updating our SoC ideas page from
last year.  But we have applied to Google to participate again this year.
 And you can find more of our 2013 ideas and plans in a rougher form at
these links:

https://secwiki.org/w/GSoC_community_ideas
http://seclists.org/nmap-dev/2013/q1/394

I also hope to update our main SoC page soon (http://nmap.org/soc/)

Meanwhile, regarding your specific questions:

1) How the resources are arranged? For example some vulnerabilities are

meant for MAC machines, SUN machines. Does nmap provides on-line access to
these resources or the student should target the vulnerabilities whose
resources are available to them.



Yes, there are far more potential vuln scripts than we could ever actually
write during a summer, so we need to prioritize based on things like
severity of the bug, how hard the script will be to write, ease of access
to the service for testing, etc.

2) What are the research prospects after the soc program completes. Does

nmap allow the work done for them to be continued further as University
research?



Yes, that is allowed and encouraged.

Cheers,
Fyodor



_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: