PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2026-01-20 13:19:01 +00:00
Code Issues Projects Releases Wiki Activity

latest todo updates

Browse Source
This commit is contained in:
fyodor
2012-04-11 01:18:33 +00:00
parent ed35bfcfc9
commit 5b4eb5de13
1 changed files with 15 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
todo/nmap.txt
View File

@@ -15,14 +15,6 @@ o We should probably go through the nmap-os-db (and IPv6 version)
sometimes include the qualification, and sometimes not.
o This is best done with cpeify-os.py, if possible.
o Scans from Mac OS X tend to use raw IP packets rather than ethernet
frames even on the local network because Dnet does not seem to be
retrieving the routing table properly -- so the LAN doesn't even
show up in --iflist. Patrik can reproduce this on all 3 of his
MACs (OS X versions 10.7.3). Comparing the code in DNet route-bsd.c
to Apple's own routing table code discovered by Patrik suggests that
the Dnet code may be incorrect.
o Zenmap no longer ads the installed module directory to its module
search path because some distributors first install in a world
writeable directory (like /tmp) and then put those files into their
@@ -50,6 +42,13 @@ o [NSE] host.os should not just be a list of strings which can contain
classification of the first OS match for the target system.
The host.os entry docs/scripting.xml would have to be updated too.
o Implement some improvements to dns-ip6-arpa.nse, as describe at
http://seclists.org/nmap-dev/2012/q2/45.
- Also consider a move to "fire and forget" logic. Just blast out
the queries that we know we have to make, and then read any replies
that may happen to come back. (but still try not to introduce
inaccuracy (missed hosts) by flooding the network.
o [NPING] Nping should probably give you an error or warning when you
do: "nmap -p80 google.com" since it is ignoring the port specifier.
The user probably wants to add --tcp.
@@ -751,6 +750,14 @@ o random tip database
DONE:
o Scans from Mac OS X tend to use raw IP packets rather than ethernet
frames even on the local network because Dnet does not seem to be
retrieving the routing table properly -- so the LAN doesn't even
show up in --iflist. Patrik can reproduce this on all 3 of his
MACs (OS X versions 10.7.3). Comparing the code in DNet route-bsd.c
to Apple's own routing table code discovered by Patrik suggests that
the Dnet code may be incorrect.
o ssl-google-cert-catalog should not require that the user specify
ssl-cert in order to run. Instead, they should probably both call a
library which obtains the certificate (and caches it so that it