alexandru's status report #15 of 16

[alexandru <alex () hackd net>]

Hello all,

August 9, 2010

Status Report #15 of 16

### Accomplishments:

* Added validation for the 'targets' field to prevent invalid hostnames and IP ranges from being entered (there is a 
minor effort to check if the IPs are public or not). This also prevents injecting command-line options to Nmap since 
they don't pass the hostname test.

* changed the way we do progressive enhancement: the slide-out option menus on the "edit scan" page are hidden with 
JavaScript, as opposed to being revealed with CSS in the <noscript> tag. The latter (original) method didn't validate, 
and it was bad practice anyway to have CSS styling inline, in the HTML.

* Nmap stdout redirected to /dev/null so that the scan output doesn't fill the server logs (it would be otherwise 
placed in the Celery logs, but we don't need it)

* added logging 'headers' for when scans begin/end so that we can grep logs more easily

* added pagination to those views showing scans or their results, currently showing 10 entries per page

* various UI tweaks (capitalization fixes, layout improvements on the register/password change/password reset pages, 
text changes)


### Priorities:

* finish admin view

* AJAX notifications of scan completions (delayed)

* allow upload of files containing target lists (delayed)

* expose actions related to emailing when scans are completed in the Profile screen

* ensure documentation is up-to-date



Cheers!
 

--
@

Attachment: PGP.sig
Description: This is a digitally signed message part

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/