Re: Contribute to N-MAP

[Gyanendra Mishra <anomaly.the () gmail com>]

Hi Fyodor,

Great insights! I have made a few changes to incorporate your notes.

On Fri, Dec 16, 2016 at 3:26 AM, Fyodor <fyodor () nmap org> wrote:

> On Sun, Dec 4, 2016 at 4:31 AM, Gyanendra Mishra <anomaly.the () gmail com>
> wrote:
> > A lot of students will be asking the same question as you. I decided to
> > write a blog post to answer the question.[1]
> >
> > It's currently in a draft like state. I would love your suggestions to
> > improve the post.
> >
> > Gyani
> > [1]https://gyani.net/blog/getting-started-with-nmap/
>
> Hi Gyani.  Nice post!  I'm glad you're able to share your experience with
> Nmap development, etc.  Here are a few little notes I took while reading it:
>
> If you are reading this post while thinking of trying for GSoC 2017
> > remember that GSoC is a beginner-intermediate program and is not for
> > experts. If you are an expert then you are better of being a mentor.
>
>
> That's a reasonable perspective although I've seen GSoC work out great for
> advanced students too.  Some prefer being a student to a mentor because
> students get paid and also generally do more of the hands-on engineering
> rather than managing/mentoring.  Also, while some organizations are
> different, mentoring is such a large responsibility that the Nmap Project
> usually only takes mentors that we already know and with substantial Nmap
> development experience.  So even someone with expert-level skills might be
> better off starting with Nmap as a student.

I understand your point! I think I wrote the above point thinking of not to
scare away the people new to open source. A lot of my juniors in University
are pretty scared when they start and think starting contribution requires
god like skills. I was wrong in leaving out people with expertise though. I
see how general expertise doesn't qualify you as a mentor and how you are
better off starting as a student. I have made suitable edits to the
article.


> Nmap doesn’t have the standard Contributing to Nmap page that most open
> > source programs have on their websites.
>
>
> I guess that's fair.  We do have the HACKING file, but it's not so
> comprehensive and I see you do link it later in your article.  If you or
> someone wants to create a SecWiki page on contributing to Nmap, that would
> be great!  And then we could change the HACKING file to just link to it.

Maybe Nmap.org can have a link to the SecWiki Article whenever one gets
written. A lot of projects have  a link on the main site, it makes it
easier to access for new people I guess.


> I wanted to work on the hacking and not the UI so Zenmap wasn’t an option
> > for me.
>
>
> It is good to have your perspective although this does make it sound a bit
> like UI work is lesser than core Nmap or NSE.  But I've actually found
> Zenmap UI work to be among the hardest parts of Nmap to do well.  It takes
> a unique mix of good design skills and thinking about the use cases and of
> course also being able to implement them well in code.  After all, Zenmap
> has a lot of complex functionality well beyond just running Nmap and
> presenting the plain results in a window like the lame UI's of some other
> software.

I think this came off wrong because of the two meanings associated with the
word hacking. By hacking I meant writing exploits/detection scripts
relating to the meaning 'gaining unauthorized access to data in a system or
computer' and not 'an appropriate application of ingenuity’(software
development). I've made some edits to clear the confusion that resulted
with me using the word hacking.


> This is something that one should learn. You don’t have to contribute code
> > to contribute to open source. There are many different ways to contribute
> > open source,
>
>
> Excellent point!

Thank You!


> Also, where you point to the nmap-dev and nmap-announce lists later, you
> might consider making those links so they're easier for people to find.

I have made the change.

> Anyway, thanks for writing this good article!
>
> Cheers,
> Fyodor
Happy holidays :)

Cheers,
Gyani

_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/