Nmap Development mailing list archives
XML schema
From: "Stou Sandalski" <tangui () cell2000 net>
Date: Mon, 14 Aug 2000 20:36:59 -0700
Hi, I was looking at the XML output Fydor posted in the regular nmap list, generated by some patches phreed made... and I was thinking... instead of having so many tags, especialy the <ports> tag, I feel it would be much better if there was a <host> tag, that included info about the host in the form of attributes (like IP, Os, etc.) and then have a bunch of <port> or <service> tags that have information about the perticular port, in the form of attributes. It might be necessary to put OS tags because there's more then one OS with most scans, and maybe a service tag in te port tag to give more info about the serive that could be done with xslt. Like that it will be more structured I think. It will look something like: <?xml version="1.0" ?> <!-- Nmap (V. nmap) scan initiated 2.53 as: ./nmap -O -oX junk.xml 10.0.0.5-10 --> <nmap version="2.53"> <host ipadd="127.0.0.1", os="Windows NT4 / Win95 / Win98", seq-index="11"> </port id="1433", state="open", proto="tcp", service="ms-sql-s"> <!-- Other ports here --> </host> <!-- Other hosts here --> <!-- A statistic tag? --> </nmap> I was also thinking that it would be nice if nmap could say... this is a Windows platform, running 98, or Me or this is a Linux, kernel 2.2.10. (ie separate the platform from the version) and have for example each platform or version have its own ID that can be maintained as a list with the source. So for client programs that are layerd on top of nmap it will be easier to recognize the Os without doing string comparing and guessing, that way one can for example hook the client program up to a database of exploits and have it work something like NAI's Cybercop. I don't know this is pretty basic for now and I haven't thought it through, but I am sure a lot of things can be made with attributes without using tags and such, IMHO it would make the output cleaner and smaller. what do you guys think? Stou --------------------------------------------------------------------- For help using this (nmap-dev) mailing list, send a blank email to nmap-dev-help () insecure org . List run by ezmlm-idx (www.ezmlm.org).
Current thread:
- XML schema Stou Sandalski (Aug 14)