Re: Fwd: UMIT unleashed!

[Fyodor <fyodor () insecure org>]

On Sun, Sep 04, 2005 at 12:43:18PM -0300, Adriano Monteiro wrote:
> PyGTK 2.4 doesn't have STOCK_ABOUT. You have 2 options:
>    * Where its gtk.STOCK_ABOUT, put None
>    * Install PyGTK 2.6

Hi Adriano.  With just the STOCK_ABOUT change, it seems to be working!
So I recommend making that change (or equivalent) to the main
distribution so that PyGTK 2.4 works.

I then test drove the application for a while and it looks great!
Many parts are quite polished, clever, and/or functional.  Here are
some notes I took:

o You obviously put a lot of work into the Wizard.  It generally seems
  to work, but I don't think that "ACK ping", "SYN ping", or "UDP
  probes" in the ping options dialogue (either novice or export mode)
  work.  Instead of asking for port numbers, they insert a %s into the
  command-line, which causes an error message later when you try to
  execute the scan.

o The "Non root user" information box is a good idea, but maybe it
  should make it more clear that Nmap still works.  Maybe something like
  "You do not have root privileges -- many options are unavailable".

o I was glad to see that the output box expands properly when I change
  the window size.  It is also great that it is so easy to enter my
  own one-off command to execute when I don't feel like defining a new
  profile.

o I like that you can execute several Nmap scans concurrently!

o Is there a way to search results, for example, to find all open ssh
  ports or apache web servers?

o Having default profiles is a great idea, though I think some of them
  can be improved.  For example, I would recommend using -T4 (or,
  equivalently, -T Aggressive) rather than -T Insane for the "quick"
  scans.  Also, why does the "verbose" profile include "-T Paranoid"?  I
  would recommend having an "Intense Scan" that includes "-T4 -sV -O"
  and maybe "-p-" up near the top.

o Help isn't implemented yet, though I do like the icon :).

o Having the "close tab" button in the same area you use to switch
  tabs is troublesome.  Last time I tried to switch to a new tab, I
  accidently closed that tab instead.  Maybe the close tab button can
  go on the right of all the tabs, like it does in Firefox.

o It would be nice if the MAC address in "host details" gave the
  vendor.  It is there in the XML for you.

o It would be nice if there was a way, other than the plain "Nmap
  Output" tab, to see all of the hosts at once.  For example, maybe
  the "Open Ports" table could include IP addresses so that you could
  easily sort by port number and look over everything.  Ideally, users
  could have checkboxes to enable other fields in each column, such as
  host OS, MAC vendor, etc, and to sort by any of these fields.

o There are a number of other fields that I think would be valuable in
  the requirements doc at http://www.insecure.org/nmap/SoC/NmapFE.html .

These are my suggestions, but UMIT really does look great overall!

Cheers,
Fyodor


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev