New Nmap development list; Securityfocus interview; Defcon 8!

[Fyodor <fyodor () insecure org>]

Hi all,

Things have been quiet on the Nmap front lately.  We have been working on
several other cool projects.  But Nmap will not be on the back burner for
long -- a lot of good stuff is planned.

In particular, I am starting to realize just how important service
detection can be.  It is too easy to miss security holes by assuming that
(say) 113 open on a host is "just an identd" server.  Maybe some idiot
employee noticed that 113 inbound was open through the firewall so he
stuck his exploitable wu-ftpd there.  Plus, people are putting httpd
servers on all sorts of ports these days.  It would be nice if nmap could
actually recognize these services and relegate the nmap-services map to a
backup guess (and tell you its a guess).  

You may recall that Jay Freeman sent a cool service (and version-number)
detection patch to this list a while back.  So it is certainly possible.  
We just have to find the best way to do it in a scalable, secure,
efficient, and intuitive fashion.  I have set up an unmoderated
development list for discussion of this and other issues.  Here is the
description that is sent to new subscribers:

-- Begin description blurb:
nmap-dev is a mailing list intended to facilitate the development of
the free Nmap Security Scanner.  It provides an unmoderated forum for
people to contribute ideas, patches, suggestions, etc.  We also
discuss the pros and cons of proposed changes to Nmap.  Thus this
list also serves as a sort of developmental "steering committee".
New (test/beta) versions of Nmap may sometimes be released here
prior to general availability for quality assurance purposes.

Anyone hardcore enough to subscribe to nmap-dev should probably
also subscribe to nmap-hackers 
(mailto: nmap-hackers-subscribe () insecure org ).  That is a moderated
list which carries nmap-related announcements and other important 
traffic.

-- end subscription blurb

To subscribe to this list, send a blank mail to
nmap-dev-subscribe () insecure org .  Note that this list is mostly for
programmers and the most hardcore users.  New nmap versions and third
party nmap-related projects will still be announced here on nmap-hackers.

On another note, Securityfocus has posted an audio interview I did with
them a while back.  It is at
http://www.securityfocus.com/templates/media.html?id=27 .  Unfortunately
it is only available in the Evil, proprietary Real Audio format.  Maybe
someday they will offer text transcripts or mp3 versions (which is still
proprietary, but not as Evil or privacy-invasive).  If someone converts it
to mp3, please send an email to me or the list (but please give an URL,
don't attach it to a list msg).

Also, it is worth reminding everyone that Defcon 8 is coming this month!  
See www.defcon.org .  This con came in first place in our recent
nmap-hacker survey, and I tend to agree with that assessment.  I spoke (
impromptu:) at Defcon 7, but will probably not be doing so this year.  I
have added a Defcon banner to the top of the Nmap page for July.

Cheers,
Fyodor