Nmap Development mailing list archives
Re: Google/Nmap SoC 2009 Project Ideas?
From: Daniel Roethlisberger <daniel () roe ch>
Date: Wed, 11 Mar 2009 09:32:38 +0100
ithilgore <ithilgore.ryu.l () gmail com> 2009-03-11:
Daniel Roethlisberger wrote:Fyodor <fyodor () insecure org> 2009-03-09:Hi all. Google just began taking applications for organizations to participate in the 2009 Summer of Code! As you probably all know, the Nmap Project has benefited greatly from participating in that program for the past four years. I even wrote a blog entry for them about it: http://google-opensource.blogspot.com/2008/11/nmaps-fourth-gsoc-success-stories-and.html One of the most important requirements of a successful SoC is coming up with a great "ideas page" which lists summer projects that students can apply for. They can always come up with their own completely new ideas (and we encourage that sort of creativity), but most choose ideas from our list or at least start with one for inspiration. You can see our 2008 ideas page here: http://nmap.org/GoogleGrants.html So if anyone has an idea for Nmap (including Ndiff, Ncat, or Zenmap), please speak up!Off the top of my hat: o Full IPv6 support in every aspect of Nmap. I am seeing IPv6 on the rise, already over 50% of my personal incoming email is received over IPv6! The available v4 pool wont last much longer than perhaps three years. Nmap should get ready for the future as well and implement comprehensive support for IPv6. o SCTP based OS detection; would require the student to find practical differences in major SCTP stacks first, and then implement and test that. Major hurdle to make this a success would be the required or at least desired access to as many proprietary SCTP stacks as possible.The SCTP detection sounds really interesting, though as Michael Pattrick said, it might be a bit too large. However, it could possibly use osscan2.cc as a basic template, thus limiting the task to only mess with the SCTP kernel internals (which is big enough by itself I have to admit).
I did not mean to suggest to do SCTP based OS detection completely separate from what we have now.
Btw I think there are not that many SCTP stacks available.
There's the KAME/BSD stack, Linux, Solaris and IOS each come with their own, and then there are at least four different proprietary stacks.
Another unfortunate thing is that SCTP functionality is not usually enabled by default and many systems use a userspace library instead to implement SCTP. Despite these, SCTP by itself is a protocol that has not been researched as extensively as TCP and thus provides much ground for discovering new techniques against it. Another idea might be an official proxy scanning patch for Nmap. I discussed a bit about this with the folk at #nmap (efnet) and thought that maybe it's time for something that gets at last integrated with Nmap, if of course Fyodor and the rest agree. Porting Nmap to mobile phones might be another good idea (for example Google's android), though I think that something similar has been previously been proposed. I will hopefully apply for GSoC/Nmap this year, since I am really interested in Nmap and low level networking.
-- Daniel Roethlisberger http://daniel.roe.ch/ _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- Google/Nmap SoC 2009 Project Ideas? Fyodor (Mar 09)
- Re: Google/Nmap SoC 2009 Project Ideas? Ron (Mar 09)
- Re: Google/Nmap SoC 2009 Project Ideas? Daniel Roethlisberger (Mar 09)
- Re: Google/Nmap SoC 2009 Project Ideas? Kris Katterjohn (Mar 09)
- Re: Google/Nmap SoC 2009 Project Ideas? Daniel Roethlisberger (Mar 11)
- Re: Google/Nmap SoC 2009 Project Ideas? Michael Pattrick (Mar 09)
- Re: Google/Nmap SoC 2009 Project Ideas? ithilgore (Mar 10)
- Re: Google/Nmap SoC 2009 Project Ideas? Daniel Roethlisberger (Mar 11)
- Re: Google/Nmap SoC 2009 Project Ideas? Henri Salo (Mar 14)
- Re: Google/Nmap SoC 2009 Project Ideas? David Fifield (Mar 14)
- Re: Google/Nmap SoC 2009 Project Ideas? Daniel Roethlisberger (Mar 14)
- Re: Google/Nmap SoC 2009 Project Ideas? David Fifield (Mar 14)
- Re: Google/Nmap SoC 2009 Project Ideas? Daniel Roethlisberger (Mar 14)
- Re: Google/Nmap SoC 2009 Project Ideas? Kris Katterjohn (Mar 09)
- Re: Google/Nmap SoC 2009 Project Ideas? Fyodor (Mar 14)
- Re: Google/Nmap SoC 2009 Project Ideas? Ron (Mar 11)