#1
  1. No Profile Picture
    associate
    Devshed Newbie (0 - 499 posts)

    Join Date
    Apr 2003
    Posts
    4
    Rep Power
    0

    enhancements to Nmap (port scanning network security tool)


    Hello everyone....

    I am trying to make enhancements or augmentations to the network port scanning utility called Nmap. I am in a way trying to assess its functionalities and then to investigate the possibility of enhancing it. The site for this tool can be visited by typing (http://www.insecure.org/nmap/index.html) in the URL window, which offers comprehensive ways to gain knowledge with regards to the utility mentioned.

    I have thought of various forms of how to enhance the Nmap functionalities from what it already can offer. Therefore I was thinking alongside web servers and how nmap can get the name and version of the web server running on a computer.

    In particular, this document, written by Boris Loza in 2600 Magazine (summer 2002) was very interesting in the sense that, it uses perl scripting to find out what web server runs behind a particular port. now I was wondering if you could suggest ways of incorporating this into nmap, using C scripts and also how it can be used to test for possible vulnerabilities on the name and
    version of the web server...(whether IIS, Apache, iplanet)...?

    For example: if there are a number of vulnerabilities in IIS, how do we test for them, using the enhanced version of nmap.

    The URL for the boris loza perl script is as follows: (further down,
    document on web servers and perl)

    http://dinomite.net/news_old.php

    Thank you very much in anticipation

    Now...these, in the field of software engineering development are seen to be good design strategies with regards to the utility mentioned above, however I am a bit sceptical in terms of their application in the practical sense. A good knowledge of C/C++ programming language may be required to make enhancements to the software possible, in a C or linux/unix environments. The source for this can be obtained from the following link:

    http://download.insecure.org/nmap/di..._1.3.0_src.zip

    Please encourage the development of this software by offering your experiences as to how to do the code writing and scripting to implement these ideas and offer your suggestions on furthering its possible enhancements.

    Sincerely,

    regards,

    Hugh72
  2. #2
  3. Full Access
    Devshed Regular (2000 - 2499 posts)

    Join Date
    Jun 2000
    Location
    London, UK
    Posts
    2,019
    Rep Power
    17
    nmap is a port scanner. It's primarily designed to see what state ports are in. It's not designed to be a vulnerability identification tool. Try nessus if you want that.
    Alex
    (http://www.alex-greg.com)

IMN logo majestic logo threadwatch logo seochat tools logo