Some changes from chat w/David

todo/nmap.txt

@@ -1,17 +1,17 @@
 TODO $Id: TODO 11866 2009-01-24 23:10:05Z fyodor $ -*-text-*-
 
-o [Zenmap] Use a more efficient algorithm to update the display of Nmap normal
-  output in live scans.
-  zenmapGUI.NmapOutputViewer.NmapOutputViewer.refresh_output calls
-  zenmapCore.NmapCommand.NmapCommand.get_output, which re-reads the
-  entire output file (into memory) and then puts it in the text buffer
-  if it has changed. So already we're storing the whole output twice in
-  memory. When the text field changes, update_output_colors
-  re-highlights the whole file.
+o Include a --script-help system to Nmap, which provides user readable
+  text help and also machine parsable XML information for scripts
+  which match a pattern (e.g. the same sort of arguments you could use
+  for --script, like a category or http-* or whatever).  The
+  --script-help ONLY provides help and quits, it does not run the
+  script.  For some initial implementation work, see this thread:
+  http://seclists.org/nmap-dev/2011/q1/163
 
-o Update changelog to note recent changes
-
-o Do final dev/test release
+o Modify Zenmap to use the new --script-help system to enumerate
+  scripts and collect information such as their descriptions.  This
+  will resolve the problem of Nmap's broadcast prerule scripts running
+  when you open the profile editor.
 
 ==STUFF WE WANT IN STABLE RELEASE ABOVE THIS LINE==
 
@@ -68,9 +68,6 @@ o Script review:
     if possible. Patrik Karlsson's beginning TFTP implementation:
     http://seclists.org/nmap-dev/2011/q1/169.
 
-o [Nping] See whether --echo-client mode really requires root, and
-  remove that restriction if not.
-
 o Investigate this interface-matching problem on Windows:
   http://seclists.org/nmap-dev/2011/q1/52. It is related to the
   libdnet changes we made to allow choosing the correct physical
@@ -92,9 +89,6 @@ o UDP scanning with IP options causes "Received short ICMP packet" on
 o [Ncat] Find out what RDP port forwarding apparently doesn't work on
   Windows. http://seclists.org/nmap-dev/2011/q1/86
 
-o Decide whether to include NSE console script help, decide on
-  implementation issues. http://seclists.org/nmap-dev/2011/q1/163
-
 o We should document Ron's sample script
   (http://nmap.org/svn/docs/sample-script.nse) in docs/scripting.xml so
   that new script writers know about it.
@@ -728,6 +722,30 @@ o random tip database
 
 DONE:
 
+o [Nping] See whether --echo-client mode really requires root, and
+  remove that restriction if not.
+  Luis explanation for requiring root:
+    http://seclists.org/nmap-dev/2011/q1/248
+
+o Script review:
+  - p2p-dropbox-listener http://seclists.org/nmap-dev/2010/q4/689
+
+o Decide whether to include NSE console script help, decide on
+  implementation issues. http://seclists.org/nmap-dev/2011/q1/163
+
+o [Zenmap] Use a more efficient algorithm to update the display of Nmap normal
+  output in live scans.
+  zenmapGUI.NmapOutputViewer.NmapOutputViewer.refresh_output calls
+  zenmapCore.NmapCommand.NmapCommand.get_output, which re-reads the
+  entire output file (into memory) and then puts it in the text buffer
+  if it has changed. So already we're storing the whole output twice in
+  memory. When the text field changes, update_output_colors
+  re-highlights the whole file.
+
+o Update changelog to note recent changes
+
+o Do final dev/test release
+
 o If Nping is compiled w/o SSL support, and the user specifies an
   encryption key, it should fail and insist they use --no-crypto
   rather than ignoring the key and omitting crypto.  Otherwise the