Wow, Google Summer of Code is kind of over and I’ve had a great summer with Nmap. When I say it’s kind of over I mean that I still have to submit my end of summer quiz, still have to submit my code to Google, and I still have to wait for my mentor to submit his quiz. And there is still a chance - though infinitesimally small - that Google opts not to pay me or send me a T-Shirt for my work.
I have good news and bad news: the good news is that I finished all the projects I wanted to before the deadline; the bad news is I won’t get my T-Shirt until after I go back to school. Which means I can’t use it to gloat over everyone the first day back; damn, I usually reserve that day for being an asshole.
The Summer of Code is almost over and I still haven’t written any (enough) documentation!!!
I’ll have to rectify this immediately.
For my readers that don’t know what Nmap is, you won’t understand the following. I’ve begun preparations to start coding an Nmap diff utility (codename Ndiff), and one of my tasks was to propose a possible format for the diff files. Enjoy the following.
Hey everyone,
David said it better than I can:
On Sun, Jun 15, 2008 at 3:02 PM, David Fifield <david@bamsoftware.com> wrote:
> The real problem is that Zenmap’s comparison doesn’t answer the
> questions a user wants answered: Are there new hosts on the network?
> Did any machines go down? Any new ports? Web server still running?
> Zenmap just gives you a jumble of colored text and asks you to figure it
> out.
I applied my first major Nmap patch today. Yay! Major milestone. From my patch email:
I have just applied a patch that reorganizes where the ping
probe information for -PS, -PU, -PA, and -PO is stored. Previously
this information was stored haphazardly in the global class ‘NmapOps’;
I moved it into the ‘scan_lists’ struct, which isn’t stored as a
global.
Ideally this won’t change any functionality, so if something is acting
weird with respect to the probes listed above, it may be my fault.
The most likely places a bug may appear would be in traceroute.(cc/h),
idle_scan.(cc/h), service_scan.(cc/h), services.(cc/h), targets.cc,
and scan_engine.cc. I have gone through all these functions thoroughly
but it is possible that I missed something.
Cheers,
Michael
The evil bit is an attempt to make securing remote systems easier by setting a flag in the IPv4 header that specifies whether or not the packet intends to harm the destination. Here are a few excerpts from RFC 3514, the document introducing the evil bit:
If the bit is set to 0, the packet has no evil intent. Hosts, network elements, etc., SHOULD assume that the packet is harmless, and SHOULD NOT take any defensive measures. (We note that this part of the spec is already implemented by many common desktop operating systems.)
If the bit is set to 1, the packet has evil intent. Secure systems SHOULD try to defend themselves against such packets. Insecure systems MAY chose to crash, be penetrated, etc.
Devices such as firewalls MUST drop all inbound packets that have the evil bit set. Packets with the evil bit off MUST NOT be dropped.
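The firewall rule quoted above, as an added Python example that is not part of the original post or of RFC 3514. The bit position is the one the RFC assigns (the high-order bit of the flags/fragment-offset field); the function names and the constructed sample headers are assumptions made for illustration.

```python
import struct

# RFC 3514 assigns the evil bit to the high-order bit of the 16-bit
# flags/fragment-offset field (bytes 6-7 of the IPv4 header).
EVIL_BIT = 0x8000
DONT_FRAGMENT = 0x4000  # neighbouring flag that must not be confused with it


def header_checksum(header: bytes) -> int:
    """Standard IPv4 one's-complement checksum over an even-length header."""
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_header(flags_frag: int) -> bytes:
    """Constructed sample input: a 20-byte TCP/IPv4 header between the
    documentation addresses 192.0.2.1 and 198.51.100.7."""
    fields = [0x45, 0, 20, 0x1234, flags_frag, 64, 6, 0,
              bytes([192, 0, 2, 1]), bytes([198, 51, 100, 7])]
    raw = struct.pack("!BBHHHBBH4s4s", *fields)
    fields[7] = header_checksum(raw)  # fill in the checksum field
    return struct.pack("!BBHHHBBH4s4s", *fields)


def evil_bit(packet: bytes) -> bool:
    """Validate the IPv4 header, then report whether the evil bit is set."""
    if len(packet) < 20:
        raise ValueError("truncated IPv4 header")
    version, ihl = packet[0] >> 4, packet[0] & 0x0F
    if version != 4 or ihl < 5 or len(packet) < ihl * 4:
        raise ValueError("not a well-formed IPv4 header")
    if header_checksum(packet[:ihl * 4]) != 0:
        raise ValueError("bad header checksum")
    (flags_frag,) = struct.unpack("!H", packet[6:8])
    return bool(flags_frag & EVIL_BIT)


def firewall_verdict(packet: bytes) -> str:
    """Evil bit set: MUST drop. Evil bit off: MUST NOT drop."""
    return "DROP" if evil_bit(packet) else "ACCEPT"


if __name__ == "__main__":
    for ff in (0x0000, DONT_FRAGMENT, EVIL_BIT, EVIL_BIT | DONT_FRAGMENT):
        print(hex(ff), firewall_verdict(build_header(ff)))
```
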
Final exams, moving out of my apartment, and now actively working on Nmap related projects; this week has been pretty busy for me. But at least my Nmap projects are pretty interesting. I’m working on two major ones right now: --top-ports, and an OS fingerprint integration assistant.
--top-ports is pretty cool. Normally Nmap scans check a vast range of ports - most of which aren’t open 90% of the time. I will be checking which ports are most frequently open in the real world through empirical testing; this feature could potentially speed up many Nmap scans. There have already been a few third party internet portscans - the most interesting is ACK-RST - the difference from the ACK-RST survey is that I will feature far more hosts and I will be scanning the entire port range.
I managed to get a Google Summer of Code stipend this year working with the Nmap crew. With regards to the people that I’m working with: WOW, some of them are pretty well known in their respective communities.
You can see all the Nmap abstracts here.
Introducing the 2008 Nmap/Google Summer of Code Team
The Nmap Project is […]