April 14th, 2003, 08:52 AM
enhancements to Nmap (port scanning network security tool)
I am trying to make enhancements or augmentations to the network port scanning utility called Nmap. I am in a way trying to assess its functionalities and then to investigate the possibility of enhancing it. The site for this tool can be visited by typing (http://www.insecure.org/nmap/index.html) in the URL window, which offers comprehensive ways to gain knowledge with regards to the utility mentioned.
I have thought of various forms of how to enhance the Nmap functionalities from what it already can offer. Therefore I was thinking alongside web servers and how nmap can get the name and version of the web server running on a computer.
In particular, this document, written by Boris Loza in 2600 Magazine (summer 2002) was very interesting in the sense that, it uses perl scripting to find out what web server runs behind a particular port. now I was wondering if you could suggest ways of incorporating this into nmap, using C scripts and also how it can be used to test for possible vulnerabilities on the name and
version of the web server...(whether IIS, Apache, iplanet)...?
For example: if there are a number of vulnerabilities in IIS, how do we test for them, using the enhanced version of nmap.
The URL for the boris loza perl script is as follows: (further down,
document on web servers and perl)
Thank you very much in anticipation
Now...these, in the field of software engineering development are seen to be good design strategies with regards to the utility mentioned above, however I am a bit sceptical in terms of their application in the practical sense. A good knowledge of C/C++ programming language may be required to make enhancements to the software possible, in a C or linux/unix environments. The source for this can be obtained from the following link:
Please encourage the development of this software by offering your experiences as to how to do the code writing and scripting to implement these ideas and offer your suggestions on furthering its possible enhancements.
June 15th, 2003, 05:53 PM
nmap is a port scanner. It's primarily designed to see what state ports are in. It's not designed to be a vulnerability identification tool. Try nessus if you want that.