diff --git a/todo/nmap.txt b/todo/nmap.txt index ea438f6d9..2a55f41f0 100644 --- a/todo/nmap.txt +++ b/todo/nmap.txt 
@@ -44,18 +44,37 @@ o We should fix nsedoc generation so it doesn't fail when blocks like just can't be fixed, we will have to document the heck out of it, I suppose. -o We should work to reduce Zenmap's memory consumption. Right now we - commonly get error reports from people who load so many systems that - Zenmap gives an out of memory error and crashes. For example, see - this thread: http://seclists.org/nmap-dev/2014/q2/46 - -o In an ideal world, Zenmap would not run out of memory and crash. - And we already have an entry for improving Zenmap's memory - consumption. But in the meantime, we should catch the error and - present a more useful error message/explanation so the user - understands the problem. This should reduce the number of - out-of-memory "crash reports" we get too. See - http://seclists.org/nmap-dev/2014/q2/298 +o GSOC 2014 student Jay will be looking at these items: + o We should work to reduce Zenmap's memory consumption. Right now we + commonly get error reports from people who load so many systems that + Zenmap gives an out of memory error and crashes. For example, see + this thread: http://seclists.org/nmap-dev/2014/q2/46 + o In an ideal world, Zenmap would not run out of memory and crash. + And we already have an entry for improving Zenmap's memory + consumption. But in the meantime, we should catch the error and + present a more useful error message/explanation so the user + understands the problem. This should reduce the number of + out-of-memory "crash reports" we get too. See + http://seclists.org/nmap-dev/2014/q2/298 + o Consider using a binary decision diagram for --exclude list to make + it more efficient for large exclude lists. See + http://seclists.org/nmap-dev/2012/q4/420. + o Implement an --exclude-ports option. See + http://seclists.org/nmap-dev/2012/q1/275 + o Investigate report of Nmap ARP discovery using the wrong target MAC + address field in ARP requests (it is correct in the ethernet frame + itself). 
See this thread: http://seclists.org/nmap-dev/2011/q3/547 + o [Zenmap] Combine parallel timed-out hops into one node in the + topology view. http://seclists.org/nmap-dev/2012/q1/82 has a patch, + however it doesn't handle the case of two or more consecutive + timeouts. + o Add randomizer to configure script so that a random ASCII art from + docs/leet-nmap-ascii-art*.txt is printed. I think I'll start naming + them leet-nmap-ascii-art-submittername.txt. + o Provide an option to send a comment in scan packet data for target + network. Examples: --comment "Scan conducted by Marc Reis from + SecOps, extension 2147" or --comment "pH33r my l3eT + s|<iLLz! I'll 0wN UR b0x!" o Adopt an issue tracking system for Nmap and related tools. We should probably look at our needs and options and then decide on and @@ -204,10 +223,6 @@ o Investigate ways to limit Winpcap privileges so that only driver programming experience. The idea is to produce a patch that we can then try to convince the WinPcap folks to apply ] -o Consider using a binary decision diagram for --exclude list to make - it more efficient for large exclude lists. See - http://seclists.org/nmap-dev/2012/q4/420. - o Test a hierarchical classifier for IPv6 OS detection. Our classifier currently treats, for example, some localhost Linux fingerprints as separate classes from remote Linux fingerprints, simply because we @@ -325,10 +340,6 @@ o [UPDATER] When it runs, it should give user more status about what (e.g. /home/fyodor/.nmap/updates/5.61TEST4). And if there are no updates available, it should say so. -o Investigate report of Nmap ARP discovery using the wrong target MAC - address field in ARP requests (it is correct in the ethernet frame - itself). See this thread: http://seclists.org/nmap-dev/2011/q3/547 - o Nscan work [placeholder] - Hosted Nmap system 
@@ -394,11 +405,6 @@ o We should offer partial results when a host timeouts. I (Fyodor) Nmap command-line option to do it. Once this is added, we can probably remove the script. -o [Zenmap] Combine parallel timed-out hops into one node in the - topology view. http://seclists.org/nmap-dev/2012/q1/82 has a patch, - however it doesn't handle the case of two or more consecutive - timeouts. - o [Nsock] Some SSL connections that used to work now fail; find out why. http://seclists.org/nmap-dev/2010/q4/788. Narrowed down to r19801 in http://seclists.org/nmap-dev/2011/q1/12. @@ -794,15 +800,6 @@ o Get new Zenmap logo o Create or collect some great ./configure ascii art. -o Add randomizer to configure script so that a random ASCII art from - docs/leet-nmap-ascii-art*.txt is printed. I think I'll start naming - them leet-nmap-ascii-art-submittername.txt. - -o Provide an option to send a comment in scan packet data for target - network. Examples: --comment "Scan conducted by Marc Reis from - SecOps, extension 2147" or --comment "pH33r my l3eT - s|<iLLz! I'll 0wN UR b0x!" - o Look at all the pcap functions, there are some like pcap_findalldevs() which could be quite useful. There are mails to the Nmap list relating to suggested improvements --
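Review bot: In the first hunk (@@ -44,18 +44,37 @@), the nested "Implement an --exclude-ports option" item has no matching removal anywhere in this patch, unlike the other relocated items: the --exclude binary decision diagram, ARP target MAC, Zenmap timed-out hops, ASCII art randomizer and --comment entries are each deleted from their old location in the later hunks. If an --exclude-ports entry already exists elsewhere in todo/nmap.txt, delete it in this commit so the item is not listed twice; if it is a new item, say so in the commit message. The nested items in the same hunk also reuse the top-level "o" marker, while sub-items elsewhere in the file use "-" (for example "- Hosted Nmap system" under "o Nscan work [placeholder]"); switching the nested bullets to "-" would keep the grouping under "GSOC 2014 student Jay" unambiguous if the indentation is ever lost.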