From c73921017dad8754321d627e4e8a8e77b08f4b4f Mon Sep 17 00:00:00 2001 From: fyodor Date: Wed, 14 Apr 2010 22:15:35 +0000 Subject: [PATCH] Update after chat w/David --- docs/TODO | 84 +++++++++++++++++++++++++++++-------------------------- 1 file changed, 44 insertions(+), 40 deletions(-) diff --git a/docs/TODO b/docs/TODO index ec8b3c417..3fbf8712c 100644 --- a/docs/TODO +++ b/docs/TODO @@ -8,21 +8,7 @@ o Nmap should probably always produce a well-formed XML file, even if nexthost: failed to determine route to 9.48.184.164 QUITTING! -o Brainstorm for GSoC 2010 ideas and fill out the org application by - Friday 3/12 4PM PST. - o NSE scripts - o Maybe a whole SoC role for http scripts - o Maybe look at other web app scanners for some inspiration - (including w3af - http://w3af.sourceforge.net/) - o Maybe a non-http developer too - o NSE infrastructure manager - o Ncrack - o Nping - o Mobile Devices? N900, iPhone, Android - o Zenmap developer - o Must have solid user interface design experience - o Zenmap script selector (subset of a Zenmap or NSE SoC role) - o Feature Creepers/Bug fixers +o Finish selecting GSoC 2010 projects o Create new default username list: http://seclists.org/nmap-dev/2010/q1/798 @@ -52,12 +38,6 @@ o [NSE] Maybe we should create a class of scripts which only run one o [Zenmap] Investigate getting new OS icon art. See http://seclists.org/nmap-dev/2010/q1/1090 -o [Zenmap] Maybe it should sort IPs in an octet-aware way. And maybe - you should be able to sort by IP address (perhaps that should be the - default). Current plan is to just sort by IP by default, and maybe - we'll offer other sort techniques later if desired. See - http://seclists.org/nmap-dev/2010/q2/27 [possible SoC student task] - o [Zenmap] Consider a memory usage audit. This thread includes a claim that a 4,094 host scan can take up 800MB+ of memory in Zenmap: http://seclists.org/nmap-dev/2010/q1/1127 
@@ -72,11 +52,12 @@ o We should probably enhance scan stats--maybe we can add a full-scan completion time estimate? Some ideas here: http://seclists.org/nmap-dev/2010/q1/1007 -o [NSE] We should have a standard function which takes time - arguments in the same format as Nmap does (e.g. 60s, 1m, etc.) and - the scripts which take time arguments should be modified to use - it. David suggests this here: - http://seclists.org/nmap-dev/2010/q2/35 +o We should have a standard function which takes time arguments in the + same format as Nmap does (e.g. 60s, 1m, etc.) and the scripts which + take time arguments should be modified to use it. David suggests + this here: http://seclists.org/nmap-dev/2010/q2/35. We are also + going to update the normal Nmap timing functions to take seconds by + default, as described here: http://seclists.org/nmap-dev/2010/q2/159 o [NSE] Consider modifying our brute force scripts to take advantage of the new NSE multiple-thread parallelism features. @@ -99,19 +80,6 @@ o We should offer partial results when a host printed that out only, we could potentially isolate it in just one place. -o Get @output sections for the last remaining scripts w/o them: - [WARN] script auth-spoof missing @output - [WARN] script db2-das-info missing @output - [WARN] script db2-info missing @output - [WARN] script http-passwd missing @output - [WARN] script iax2-version missing @output - [WARN] script ms-sql-config missing @output - [WARN] script ms-sql-query missing @output - [WARN] script oracle-sid-brute missing @output - [WARN] script pop3-brute missing @output - [WARN] script pptp-version missing @output - [WARN] script skypev2-version missing @output - o Integrate new OS fingerprints (we have more than 1,300 since November 10, 2009). 
@@ -132,6 +100,8 @@ o Move Zenmap man page from nmap/docs/ to nmap/zenmap/docs to match o Consider standardizing names for nping and ncrack man pages as well. [Fyodor] +o Book work [placeholder] + o Add Nmap web board/forum - First step is looking at the available software for this. @@ -209,7 +179,6 @@ o Dependency licensing issues (OpenSSL, Python, GTK+, etc.) o X.org libraries (Mac version links to them) o libdnet - o Scanning through proxies o Nmap should be able to scan through proxy servers, particularly now that we have an NSE script for detectiong open proxies and now that 
@@ -570,6 +539,41 @@ o random tip database DONE: +o Get @output sections for the last remaining scripts w/o them: + [WARN] script auth-spoof missing @output + [WARN] script db2-das-info missing @output + [WARN] script db2-info missing @output + [WARN] script http-passwd missing @output + [WARN] script iax2-version missing @output + [WARN] script ms-sql-config missing @output + [WARN] script ms-sql-query missing @output + [WARN] script oracle-sid-brute missing @output + [WARN] script pop3-brute missing @output + [WARN] script pptp-version missing @output + [WARN] script skypev2-version missing @output + +o [Zenmap] Maybe it should sort IPs in an octet-aware way. And maybe + you should be able to sort by IP address (perhaps that should be the + default). Current plan is to just sort by IP by default, and maybe + we'll offer other sort techniques later if desired. See + http://seclists.org/nmap-dev/2010/q2/27 [possible SoC student task] + +o Brainstorm for GSoC 2010 ideas and fill out the org application by + Friday 3/12 4PM PST. + o NSE scripts + o Maybe a whole SoC role for http scripts + o Maybe look at other web app scanners for some inspiration + (including w3af - http://w3af.sourceforge.net/) + o Maybe a non-http developer too + o NSE infrastructure manager + o Ncrack + o Nping + o Mobile Devices? N900, iPhone, Android + o Zenmap developer + o Must have solid user interface design experience + o Zenmap script selector (subset of a Zenmap or NSE SoC role) + o Feature Creepers/Bug fixers + o Review IDS detection scripts from Joao Correa. http://seclists.org/nmap-dev/2010/q1/814
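Review bot: In the @@ -72,11 +52,12 @@ hunk, the rewritten entry loses its [NSE] tag even though its first sentence is still about scripts that take time arguments, and it now also carries a second, separate task (updating the normal Nmap timing functions to take seconds by default). Consider splitting it into two entries and keeping [NSE] on the script one, so each can be tracked and moved to DONE on its own. The full stop directly after "http://seclists.org/nmap-dev/2010/q2/35." is also easy to pick up as part of the URL when copying; drop it or put the URL at the end of a line as the second link does.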
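Review bot: In the @@ -132,6 +100,8 @@ hunk, the new "o Book work [placeholder]" entry says neither what the work is nor who owns it, so nobody reading the file later can act on it or tell when it is finished. The entry just above it carries an owner tag ("[Fyodor]"); adding the same kind of tag and one line describing the intended work would make the placeholder usable.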
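Review bot: In the @@ -209,7 +179,6 @@ hunk, the only change is the removal of the blank line between "o libdnet" and "o Scanning through proxies", which makes the proxy entry run straight on from the end of the dependency licensing sub-list. The other entries visible in this patch are separated by a blank line, so this looks like an accidental whitespace edit; restore the line or leave it out of this commit.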
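Review bot: In the @@ -570,6 +539,41 @@ hunk, the three entries are moved under DONE with their original open-ended wording, so the file does not record what was actually done. The Zenmap entry still reads "Maybe it should sort IPs in an octet-aware way" and keeps "[possible SoC student task]", and the @output entry still lists every "[WARN] script ... missing @output" line as if the warnings were current. A short outcome on each (for example which sort order was implemented, and that the listed scripts now have @output sections) would make the DONE section readable as a record.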