March 2008
- 10: 1.75 h. Did 20 OS submissions. Wrote a script to help track how each submission was handled, for statistics purposes.
- 11: 8 h. Did 550 OS submissions. Enhanced the script that tracks how submissions were handled.
- 12: 8 h. Did 500 OS submissions.
- 13: 8.5 h. Wrote OS Integrator Assistant requirements. Did the last 400 OS submissions.
- 14: 8.25 h. Fixed an infinite loop bug in the DNS resolver. Compiled OS integration statistics. Experimented with automating Zenmap screenshots.
- 15: 2.25 h. Did all 63 OS corrections. Improved DNS caching code a bit.
- 16: 5.75 h. Rewrote and simplified some profile handling stuff in Zenmap. Fixed some minor bugs. Enabled script scan in the profile editor. Scaled back OS Integrator Assistant requirements.
- 17: 8.5 h. Debugged "Failed to open eth0" error. Responded to bug report email. Tried to find a solution to WinPcap difficulties.
- 18: 9 h. Shopped for a Mac. Ran ScanRand and Unicornscan. Looked at ScanRand in detail. Started writing Fixed rate. Started looking at Unicornscan in detail.
- 19: 9 h. Looked at Unicornscan delay in detail. Brainstormed about an Nmap implementation. Wrote a rate meter class. Started making data rate graphs. Shopped again for a Mac after my first source dropped out.
- 20: 8.25 h. Answered Summer of Code email. Created an nmap-fixed-rate branch. Wrote the fixed rate feature, needs some work. Second source for a Mac flaked out. Bought a Mac online.
- 21: 9.75 h. Worked more on fixed-rate scanning. Made some graphs and benchmarks.
- 22: 7.75 h. Lots more testing and experimentation on fixed-rate scanning. Consideration of and conversation about setting a minimum rate instead.
- 24: 8.5 h. Made graphs of sending rates. Wrote a minimum rate option, didn't commit it yet. Got a PDF of the book built.
- 25: 7.75 h. Made graphs and did more extensive testing of minimum-rate scanning. Made more tweaks to the book-building environment. Fixed a possible divide-by-zero bug in the rate meter. Merged the minimum-rate code and announced it. Worked on book image resolution.
- 26: 2.75 h. Made a sample document showing different ways of including graphics. Investigated the missing footnote problem and found that it's a known bug in FOP.
- 30: 2.5 h. Read through and ranked Summer of Code applications. Answered email. Looked at doAnyOutstandingRetransmits inefficiency.
- 31: 8.5 h. Committed a couple of small optimization changes to scan_engine.cc. Gathered some statistics on reducing the inefficiency. Set up Mac mini: Mac OS X. Did some research on getting a Zenmap package. Sent source for the prototype DocBook graphics document.
April 2008
- 1: 8.5 h. Tried two different ways of running Zenmap on OS X. Decided that the X11 method is probably best due to unreliability of native GTK+ libraries. Also automated some Zenmap Guide screenshots.
- 2: 11 h. Worked and worked at getting a .app bundle built. Wrote up instructions for MacPorts. Figured out Fink. Got a .app built of a trivial "Hello, world!" PyGTK project after looking at another project called Advene.
- 3: 8.5 h. Read a Summer of Code application. Posted a Zenmap on Mac OS X howto. Worked on a .app bundle. Got one mostly working. Looked at how Wireshark does it and decided to try to make the system I used better.
- 4: 7.75 h. Committed a script to build a bundle. Worked around some issues related to running a bundle. Started trying to build universal libraries.
- 6: 2.25 h. Summer of Code application evaluation.
Total March 10–April 6: 162.75 h.
- 7: 8.5 h. Built a universal .app. Set up an environment to build both universal and Intel-only .apps. Read about the Apache FOP footnotes workaround.
- 8: Built a disk image. Fixed a bug having to do with allocating memory for printed messages in idle scan. Worked on FOP footnotes for a while.
- 9: Ranked all Summer of Code applicants on the web app. Made a list of my top recommendations. Wrote the book section on --min-rate. Debugged a "too many open files" error on OS X.
- 10: Debugged a crash and asked for more information. Discussed Summer of Code applicants. Made the RPM build use included libraries. Removed some gen-1 OS code.
- 11: Removed the tcpsequence element's class attribute from the Nmap XML output. Tested it with Nmap::Parser and Nmap::Scanner, although I couldn't get Nmap::Scanner to work. Worked on improving scan engine efficiency.
- 22: Caught up on email. Fixed a Zenmap segmentation fault. Had a meeting with Fyodor.
- 23: Sent letters of regret to unselected Summer of Code applicants. Verified an assertion failure in RateMeter. Fixed a logic bug in printStatusMessage. Worked on packaging for OS X.
- 24: Tried out Vladimir's stinkfist.py program. Fixed the integer overflow in RateMeter. Committed some code to build a .mpkg for Mac distribution.
- 25: Sent Summer of Code email. Watched the PortBunny presentation. Worked long and hard on Mac OS X packaging; submitted a MacPorts ticket. Had an IM conversation with Michael.
- 26: Fixed the MacPorts problem I was having. Built a 10.4-compatible universal build environment.
- 27: Subscribed to nmap-svn. Wrote email asking my students to commit their timelines. More Mac packaging.
- 28: Mac packaging (wrapper script escaping). Had an IM meeting with Fyodor and an IRC meeting with Zenmap developers. Wrote a draft of the Zenmap vision.
- 29: 8.75 h. Added extra nmap executable search paths on Mac OS X and Windows. Documented it. Built the readme and license into the OS X installer.
- 30: 6.5 h. Chatted with Michael about development priorities. Tried to port the license formatting scripts to BSD sed but decided to defer it. Wrote a test script for the wrapper in the Mac OS X application bundle. Released version 4.60-test2 of the package.
May 2008
- 1: 8 h. Debugged error reports from the test2 package. Tried to have make uninstall uninstall Zenmap too. Merged in the doAnyOutstandingRetransmits performance improvement.
- 2: 8 h. Tried debugging Mac packaging. Reproduced the gthread crash on my machine. Changed --without-nmapfe to --without-zenmap in the book. Zenmap uninstall. Released nmap-4.60-test3.dmg.
- 3: 2 h. Built a Mac package against the Subversion py2app instead of Apple's in an attempt to make the package work on 10.4. Released nmap-4.62-test4.dmg.
- 4: 2 h. Built the 10.4 version of X11 from source and rebuilt a MacPorts environment around it.
- 5: 9.25 h. Sent the Zenmap vision to nmap-dev. Made uninstall use DESTDIR. Enhanced the Zenmap uninstaller and made it more safe. Split out Zenmap uninstallation in the makefile. Evaluated Michael's OS assistant prototype. Released nmap-4.62-test5.dmg.
- 6: 8 h. Analyzed a report from test5. Verified that NSIS uninstall works. Tried to analyze doAnyOutstandingRetransmits performance improvements under Windows but hit a snag. Committed a first version of Zenmap uninstall.
- 7: 8.5 h. Checked out a bug with Zenmap crash reporting. Made the Zenmap uninstallers delete directories. Closed a bunch of SourceForge bugs. Removed some deprecated methods. Listened to an NSE IRC meeting. Made some changes in the installation chapter.
- 8: 7.5 h. Analyzed a bug reported by a test5 tester. Discussed fingerdiff issues with Michael. Tested the packages on a PowerPC Mac at school.
- 9: 7 h. Fixed some book typos. Regenerated macports-1.7.0-universal.diff because my patch was accepted. Met with Jurand to plan his first few weeks of activity. Built new versions of openssl and cairo that are linked against the 10.4u SDK. Released nmap-4.62-test6.dmg.
- 10: 8 h. Released nmap-4.62-test7.dmg. Verified a Zenmap bug report. Debugged OSassist with Michael. Started documenting NmapCommand.py.
- 12: 9.5 h. Removed a duplicate definition from nmap.dtd. Documented zenmapCore/NmapCommand.py. Met with Jurand to discuss Zenmap changes.
- 14: 11 h. RSS. Scheduling meeting with Michael. Worked with Michael on the DNS caching bug.
- 15: 11.5 h. RSS. Worked through 10 OS submissions with Michael using the old and new tools. Looked at Jurand's nmap_command_path patch. Updated the Zenmap Guide to note Jurand's fix. Wrote a new requirement for the OS integrator (it has to accept input from a pipe).
- 16: Announced the RSS with excerpts to nmap-dev.
- 17: 7 h. Struggled with Zenmap and running Nmap with elevated privileges. Wrote an email to nmap-dev summarizing the current status.
- 18: 3 h. Experimented with running Zenmap as root.
- 19: 10 h. Found the source of an endian-related bug in the U1.RID test. Planning meeting. Worked on Zenmap authorization. Wrote Zenmap command line. Removed a superfluous test for $CXX in configure.ac that made ccache not work. Integrated a NSE HTTP lib patch.
- 20: 8 h. Made an authorization wrapper for Zenmap. Released nmap-4.62-test8.dmg. Sent a summary of the RID byte order bug to Michael to help him fix it. Met with Jurand to talk about command line improvements. Researched and removed a <remark> about data in RST packets.
- 21: 9 h. Sent an improvement patch to Patrick. Released nmap-4.62-test9.dmg. Debugged with Michael and Jurand. Updated the OS detection chapter to use current examples. Made a few other improvements to the book.
- 22: 8 h. Updated examples in the OS detection chapter. Wrote the section on nmap-os-db. Made relevant parts of the text use XPath. Fixed a bug related to focus in Zenmap. Fixed a crash with Zenmap loading files with multibyte character encodings.
- 23: 8 h. Sent comments on documentation changes. Fixed XEP rendering errors. Talked with Michael about endian issues. Regenerated congestion control graph.
- 26: 9.75 h. Had a meeting. Replaced the little eye icon in the book footer. Fixed up scan delay graph. Talked with Jurand.
- 27: 10.75 h. Fixed a bug I had introduced that caused liblua to be built improperly. Sent some suggestions on the search interface. Extensively reviewed Michael's ping probe organization patch. Figured out a way to do font embedding in PDF.
- 28: 9.5 h. Reported a bug with the -p option not rejecting stray ] characters. Disallowed duplicate ping scan specifiers. Created a <continuation> line break element and then removed a bunch of occurrences of it. Submitted a patch for a grepable output bug. Made enhancements in the ping probe reorganization. Outlined the Mac OS X installation section.
- 29: 12 h. Finished the Mac OS X installation section. Made the style of the Zenmap chapter better match that of the rest of the book. Wrote the "why Zenmap?" section. Used OSassist for a while, fixed some things, and sent Michael a little report. Made the command constructor wizard figures take up less space, and made some other improvements to the Zenmap chapter.
- 30: 6 h. Replied to Jurand's post on the command line modifications with my ideas. Verified that SSL service scanning works on Windows. Talked with Jurand. Fixed diffs of plain Nmap XML files. Replied to Fyodor's suggestion of a filtering ability for Zenmap.
June 2008
- 1: Uploaded nmap-4.65.dmg.
- 2: 8.75 h. Tinkered with OSassist. Re-verified a Windows --iflist bug and sent a summary to Michael. Fixed a little Zenmap encoding bug (locale.getpreferredencoding returning None). Reviewed Vladimir's latest search interface changes.
- 3: 10 h. Reviewed Vladimir's latest search changes. Reviewed a patch of Michael's and sent him suggestions. Committed min-rate performance improvements. Worked with OSassist some more.
- 4: 9 h. Wrote the section on HTML output. Made sample packet diagrams for the book. Reviewed Vladimir's latest patch.
- 5: 7 h. Sent some feedback on OSassist. Sent a followup to a bug report on NSE exceptions. Fixed another Zenmap crash having to do with character encoding. Tested Jurand's pixmaps fix. Updated the Zenmap spec file. Worked more on packet diagrams.
- 6: 7.75 h. Redid all the Ereet diagrams. Sent draft replacements for the scan delay graph to nmap-writers. Did about 50 OS submissions and hacked OSassist on the way.
- 7: 2 h. Cleaned up and refactored NmapCommand.py.
- 9: 8.5 h. Sent MacPorts changes upstream. Fixed an error where trying to read scan results with a non-UTF-8 encoding would cause a crash.
- 10: 9.5 h. Added Ghostscript fonts to the book repository. Tried using DocBook's SVG admonition graphics. Perused Michael's nmap-random-range changes. Investigated Windows interface names.
- 11: 8.75 h. Spent all day working on making nmap --iflist robust on Windows. Sent a long summary to nmap-dev. Adjusted the alignment of the footer eye icon.
- 12: 11.5 h. Made --iflist show leftover WinPcap devices too. Wrote a script to find duplicate words in the book. Investigated "dnet: Failed to open eth4." Evaluated Vladimir's and Michael's recent changes.
- 13: 11 h. Further researched the "Failed to open eth4" problem. Extensively hacked on OSassist and the test program.
- 14: 4 h. Reviewed IBM's AIX patch and sent back suggestions.
- 16: 7.5 h. Audited book figures. Did some other book proofreading. Made a few minor changes to the OSassist tester. Started remaking the idle scan diagram.
- 17: 8 h. Finished running the OSassist tests. Worked on the idle scan diagram. Reviewed a patch by Michael. Finished samples for idle scan diagrams.
- 18: 11.25 h. Removed the exclusion of refmeta, refnamediv, and refsynopsisdiv from the man page. Added man and notman elements. Wrote a section on data files related to NSE. Reviewed a code cleanup patch by Michael. Reviewed Vladimir's latest search patch. Committed new idle scan diagrams.
- 19: 7.75 h. Finished up the idle scan revision. Made demonstration changes to cause URLs to be set in italics.
- 20: 11.5 h. Made a Windows interface debugging branch. Changed the idle scan diagrams from informalfigures back to figures. Made nmap-4.65-debug-1-win32.zip. Loaded up my students with tasks.
- 29: 2 h. Read about DocBook indexing. Book index. Renamed the index section "Symbols" to "Options".
- 30: 10.5 h. Read about indexing in the Chicago Manual of Style. Removed services.dmp and os_db.dmp. Indexed nmap-intro.xml. Worked with Jurand on some enhancements. Reviewed Ndiff.
July 2008
- 1: 8 h. Rewrote the search section of the Zenmap chapter. Indexed nmap-install.xml.
- 2: 10.5 h. Indexed host-discovery.xml, port-scanning.xml, scan-methods.xml, performance.xml, and version-detection.xml.
- 3: 10 h. Indexed os-detection.xml, scripting.xml, defeating-firewalls-ids.xml, and defending-against-nmap.xml. Chatted with Fyodor about strategies for large-scale scanning. Looked at a patch from Jurand.
- 4: 2 h. Indexed by hand the remaining chapters.
- 5: 4 h. Indexed zenmapguide.xml, output-formats.xml, and data-files.xml.
- 6: 8 h. Indexed refguide.xml, legal-notices.xml, and nmap-app-dtd.xml. More proofreading. Copyedited the index.
- 7: 8.75 h. Wrote new tasks for students. Responded to discussion on MacPorts ticket #15569. Wrote a prototype of caching ping probes between host discovery and port scanning. Incorporated new high-definition Trinity images in the book.
- 8: 3 h. Used new packet header diagrams. Made the Zenmap vulnerability icons display in the book look better.
- 9: Removed duplicate index entries, made other proofreading improvements.
- 10: Ping probe caching. Reviewed Michael's license formatting script.
- 11: Decreased top book margins. Removed some resultant duplicate index entries. Fixed a logical inconsistency in timing ping probe storage (the ping probe state was used to store both host and port states). Changed the ping probe replacement strategy to use a well-defined order. Did my midterm surveys.
- 12: Ran the duplicate-word script and fixed a couple of duplicates. Normalized replaceables and put angle brackets around them in some circumstances. Converted protocol names to lower case.
- 13: Made small changes and book corrections. Spell checked the whole thing. Had a long midterm Zenmap meeting. Found out how to abbreviate cross references. Abbreviated all cross references where appropriate.
- 14: Did about 220 OS submissions. Made changes to the OS integration tools.
- 15: Did about 300 OS submissions and 40 OS corrections. Reviewed Vladimir's topology proposal.
- 16: Did 127 OS submissions. Wrote up highlights. Removed Psyco from Zenmap. Compared Nmap and Zenmap XML output: Comparing Nmap and Zenmap XML.
- 17: Reviewed some Summer of Coders' work. Canonicalized Zenmap's internal representation of options as dicts. Finished the comparison of XML formats and wrote to nmap-dev.
- 18: Documented the conditions under which scans are saved or not saved in the recent scans database. Made Nmap output in Zenmap be represented always as a unicode object. Fixed a crash that happened when trying to refresh the output on a scan loaded from a file. Did 30 OS submissions.
- 20: Brainstormed with Vladimir about scan aggregations.
- 21: Added rudimentary support for viewing aggregations to Zenmap.
- 22: Worked on integrating zenmap.desktop. Had a meeting with Fyodor. Merged a license fix from Umit. Did 100 OS submissions.
- 23: Removed from Zenmap a bogus check for write access to a path that caused some legitimate saves to fail. Fixed the display of scan details when loading a result from the database. Made Zenmap re-use the file selector dialog so it remembers what directory you were last looking at. Made the "About" dialog be reused. Made the file selector show both *.xml and *.usr files by default. Did 180 OS submissions. Made Nmap avoid printing the sending rate in bytes during a TCP connect scan.
- 24: Much cleanup of Zenmap code. Enabled "Save as" behavior. Made Enter select in file selectors. Removed the "Are you sure" warning when closing a tab. Sent a message to nmap-dev asking about the removal of Zenmap's output redirection. Wrote unit tests for an Nmap command line parser. Wrote a prototype of the parser.
- 25: Did all 38 OS corrections. Made some .desktop file modifications. Fixed the display of the message informing the user that the scan has been cancelled. Worked more on the implementation of the command line parser. Wrote the nmap-top-ports.py utility to collect port frequency data.
- 27: Added the .desktop files to the Zenmap RPM. Made rewriting of .desktop files independent of DESTDIR. Debugged a reported Mac OS X ncat problem.
- 28: Removed Zenmap output redirection. Added a try block around the setting of text_factory for versions of pysqlite that don't have that attribute. Fixed an obscure error having to do with the removal of output options. Fixed and cleared out a bunch of SourceForge bugs. Started implementing --max-rate.
- 29: Added --max-rate and tested it.
- 30: Tested modifications to --nogcc and --max-rate.
- 31: Made Zenmap record all the OS matches found, not just the last. Researched and fixed a subtle bug with IP protocol ping scans.
August 2008
- 1: Gave nmap-top-ports.py the ability to sort by frequency. Thought about the Zenmap interface. Refactored ScanNotebook.py. Worked with Jurand on context-sensitive help. Added support for simultaneous scans and scan selection in zenmap-aggregation.
- 3: Re-enabled scan details. Made enhancements to nmap-top-ports.py.
- 4: Had a meeting. Started investigating bit.so failure in RPM.
- 5: Committed a change to fix bit.so (and C modules in general) in static builds. Wrote help for 13 profile editor options (Ping and Scripting groups).
- 6: Finished the command line parser. Made an Autotools build system for ndiff. Added a "Scans" tab to zenmap-aggregation.
- 7: Made some Zenmap documentation updates. Updated the MacPorts patch. Unified topology tabs with the rest of the Zenmap interface.
- 8: Looked into possible UDP scan memory leak.
- 9: Added the ability to remove a scan.
- 11: Changed --max-rate to catch up when the sending rate is low; see http://seclists.org/nmap-dev/2008/q3/0236.html. Fixed a segmentation fault in ndiff. Had a meeting. Worked on removing the scan notebook and having separate inventories in separate windows.
- 12: Zenmap interface refinement. Greatly improved the efficiency of loading nmap-services.
- 13: Did research on solving the lack of getaddrinfo on Windows 2000. Researched completion time estimates.
- 14: Research and experimentation on completion time estimates.
- 15: Research and experimentation on completion time estimates. Made some small documentation fixes. Generalized RateMeter. Helped with the zenmap-help merge.
- 16: Research and experimentation on completion time estimates.
- 17: Estimated completion time. py2exe experimentation. Missing getaddrinfo on Windows 2000.
- 18: Removed profile hints and annotations. Gave Zenmap knowledge of -A. Wrote descriptions of Zenmap profiles. Removed the hard-coded xmloutputversion in nmap.dtd. Researched uptime anomalies; found http://lkml.org/lkml/2008/2/15/244.
- 19: Upgraded shutil to version 2.0.8.
- 20: Debugged inet_ntop and inet_pton problems on Windows. Fixed TCP/UDP checksum calculation code. Wrote a test plan for Zenmap save to directory. Made port set graphics. Started removing the use of temporary files.
- 21: Got rid of the rest of Zenmap's temporary files. Built Ncat into the Mac OS X installer.
- 22: Worked on a problem with static linking on amd64 and posted an analysis. Made the loading of configuration files nicer both internally and in the user interface.
- 23: Found a solution to Windows API troubles with Visual Studio 2008.
- 24: Evaluated Vladimir's save-to-directory patch and gave him the go-ahead to merge. Posted on Zenmap profiles. Started adapting Zenmap chapter for soon-to-be-merged changes.
- 25: Did more updating of the Zenmap chapter. Assisted with the zenmap-aggregation merge. Had a long chat with Fyodor. Forwarded the proposal to drop shared NSE modules.
- 26: Answered email about removing NSE modules and the aggregation merge. Changed "Uptime" to "Uptime guess" and updated the documentation. Submitted a patch for better detection of integer types in nbase. Outlined the topology section in the book.
- 27: Finished writing the topology section and added an example of aggregation.
- 28: Overhauled Zenmap profiles. Tried to solve Zenmap as root on Fedora.
- 29: Fixed a Zenmap crash when comparing two files, either of which has more than one extraports element. Cleaned up some SourceForge bugs. Made Zenmap escape % strftime format specifiers in file names. Let Zenmap handle -oA as well as -oX. Updated documentation to match. Fixed some index entries.
- 30: Started integrating the command line parser. Made the target entry and command entry update each other. Moved the higwidgets package to avoid naming conflicts with Umit.
September 2008
- 2: Made more progress on the XML unification.
- 3: Wrote most of Ndiff and lots of unit tests.
- 4: Integrated some mailing list patches. Added --min-ports and --max-ports options to nmap-top-ports.py. Made performance improvements in nmap-top-ports.py. Finished all requirements of Ndiff. Removed nselib-bin.
- 5: Answered mailing list email and merged some patches. Tested a build on OS X. Fixed a bug in Zenmap that made all scans appear unsaved. Wrote a patch to make traceroute pick better probes. Fixed a bug with the storage of scan names in Zenmap. Integrated ASN.nse and changes to ipOps.lua. Fixed a few Zenmap file chooser bugs.
- 6: Fixed some last-minute release bugs with Fyodor. Made nmap-4.69BETA1.dmg.
- 7: Answered some mailing list questions. Made nmap-4.75.dmg.
- 8: Fixed an assertion failure. Potentially fixed a file name encoding problem on Windows. Researched the appearance of \r\r in script output on Windows. Made the RPMs be built with OpenSSL. Sorted scripts into the "external" category.
- 9: Documented the "external" script category. Improved syntax highlighting regular expressions. Installed Windows XP. Worked on encoding issues with non-ASCII user names.
- 10: Fixed the prevalent utf8 decoding bug and wrote up a summary of some related issues. Fixed a bug with the hosts viewer crashing if it had an empty list of hosts. Fixed a bunch of other reported crashes.
- 11: Wrote up CHANGELOG entries for recent Zenmap fixes. Wrote documentation for Ndiff. Built Ndiff into the installation process for GNU/Linux and Windows.
- 12: Built Ndiff into the installation process for Mac OS X. Made an RPM specfile. Fixed the occurrence of "\r\r" in script output. Rewrote the section on compiled NSE modules to be about static modules.
- 14: Fixed "version" category scripts running twice. Improved documentation of some NSE code.
- 15: Added submitted SMB and NetBIOS NSE libraries. Added a submitted DNS timeout patch. Fixed a bug with using CXXFLAGS when making makefile.dep. Made some Mac OS X-related changes to the Ncat merge.
- 16: Merged an update to the ASN.nse script. Overhauled NmapOptions.
- 17: Got the command line parser working in the profile editor. Prepared for the Ndiff merge.
- 18: Released Ndiff. Found the cause of random huge delays when scanning OS X—failure to store the time a previous probe was sent in probes put on the bench.
- 19: Committed a fix for the huge scan delay problem. Tested the libdnet 1.12 upgrade. Effected the XML unification.
- 20: Made documentation updates for recent Zenmap changes.
- 22: Fixed a bunch of little Zenmap crashes. Wrote some mail with suggestions and requirements for the proposed openssl NSE module.
- 23: Investigated making Zenmap fonts bigger on Mac OS X. Started writing a script to get statistics on OS matching. Documented --max-rate in the performance chapter. Updated book sections to discuss port frequencies.
- 24: Wrote and fleshed out fp-stats.py, a script to get statistics on OS matching. Did some tests and recorded statistics.
- 25: Wrote a book section on phases of an Nmap scan. Solved some Solaris compatibility problems. Allowed grouping by common test name in fp-stats.py.
- 26: Made a minor adjustment to OS fingerprint-matching code to facilitate experimentation with different MatchPoints values.
- 28: Wrote up a brief report and summary of OS matching statistics.
- 29: Fixed a minor Zenmap bug. Did proper URL formatting of the file name of nmap.xsl in XML output. Went through old email reports. Committed a gtkrc file for Mac OS X to make the fonts bigger.
- 30: Wrote suggestions for proposed MSRPC library and scripts. Wrote comments on changes to showHTMLTitle.nse.
October 2008
- 1: Made Zenmap output scroll automatically. OS scanned UCSD machines. Created an nmap-os branch and experimented with adjusting T test expressions to wider ranges.
- 2: Merged a fix for HTTP_open_proxy.nse. Made Zenmap use a proper URL when launching the help file. Evaluated and committed a submitted http.lua patch.
- 3: Committed a further patch to http.lua. Reviewed a tohex patch. Refactored OS fingerprint output code in the nmap-os branch. Evaluated and made suggestions on updated SMB/MSRPC scripts and libraries. Made configure check for GTK+ and PyGTK when deciding whether to build Zenmap.
- 4: Re-scanned the 10,000 IPs with a lower threshold for match printing and compared the results. Committed Ron Bowes's msrpc NSE module and other changes. Reverted the GTK+ and PyGTK configure tests.
- 5: Merged enhancements to showHTMLTitle.nse. Refactored some code in that script. Wrote a summary of the effects of lowering the threshold for printing an OS match.
- 6: Did many OS detection tests. Made changes to fp-stats.py. Had a meeting with Fyodor, mostly about OS detection.
- 7: Did many OS detection tests. Indexed new book material. Wrote summaries of measured TTL deviations, corrected statistics having to do with the lowering of the match threshold, wrote a summary of the effects of using the TG test exclusively instead of T.
- 8: Checked Sven's latest OpenSSL patch and gave him the go-ahead for merging. Fixed a bug with host details windows being unclosable in Zenmap. Assisted with the OpenSSL merge. Updated the book section on compiled NSE modules to use openssl instead of hash.
- 9: Adjusted fingermatch to deal with ranges in T test expressions.
- 10: Tested SMB script updates. Sorted OS detection stats by failure rates.
- 13: Tested SMB script updates. Tested nmap-os adjustments.
- 14: Normalized NSE documentation of scripts. Made a chart comparing the results of running the nmap trunk and nmap-os branch against known reference hosts.
- 15: Helped Ron troubleshoot Windows authentication. Merged all the module documentation.
- 16: Helped troubleshoot Windows authentication some more. Merged module documentation from the Nmap API section. Rewrote some sections, made minor fixes.
- 17: Tabulated nmap vs. nmap-os results. Made NSEDoc produce DocBook. Consulted with Fyodor on OS detection accuracy. Asked the list for known hosts.
- 18: Implemented a solution for line breaks in NSEDoc DocBook output.
- 19: Went through old email, answered questions, integrated a few small patches, fixed minor bugs.
- 20: Fixed a logic bug.
- 21: Coordinated with volunteers to do the second round of OS scans.
- 22: Rewrote the NSEDoc markup parser to be more modular. Added support for bulleted lists. Did the second round of reference OS scans.
- 23: Rewrote the section on NSE documentation. Fixed up the documentation in some scripts.
- 24: Applied a patch by jah to fix LuaDoc logging. Fixed NSEDoc error messages. Updated and proofread documentation of all modules with the exception of SMB modules. Changed the book to use skype_v2-version.nse instead of showHTTPVersion.nse and asked a question about version detection from NSE. Updated documentation in all the scripts except the SMB ones.
- 27: Altered NSEDoc HTML titles to include module names. Added a workaround to Zenmap for a PyXML parsing bug. Analyzed the second batch of reference scans: Reference OS scans 2.
- 28: Made an analysis of what tests other than T and TG most commonly fail and in what ways. Fixed fingerfix to output only those TG values that Nmap can output. Made NSEDoc get rid of the "scripts/" prefix for scripts. Moved the files/scripts/ tree to just scripts/.
- 29: Fixed an index entry. Evaluated latest SMB/MSRPC scripts. Did a careful review of what OS detection probes get dropped by stateful packet filters.
- 30: Fixed some typos and duplicate words. Investigated a Zenmap bug. Fixed some cross-reference labels. Did some minor proofreading. Wrote a patch for getting the list of IPv6 servers even with -6. Had a meeting to discuss OS detection. Measured the effect of removing the IE.TOSI and U1.TOS tests.
- 31: Followed up on a Mac OS X display crash. Discovered an anomaly in the OS results: the printed match percentage doesn't always match the printed fingerprint. Corrected for that and measured the effect of removing the IE.TOSI and U1.TOS tests with and without the T and TG changes: Reference OS scans 2. Merged nmap-os changes to the trunk. Sent an updated patch for IPv6 DNS servers.
November 2008
- 2: Committed the IPv6 DNS patch.
- 3: Made some small NSEDoc output changes. Did a quick code review of SMB/MSRPC improvements. Merged SMB/MSRPC improvements. Proofread and formatted merged changes. Allowed HTML NSEDoc to show script arguments on module pages. Had a meeting. Started work to include only summaries of modules in DocBook output.
- 4: Made NSE output include script file names, not ids. Removed ids from scripts. Adjusted documentation to remove references to script ids. Made other proofreading changes.
- 5: Fixed a character encoding problem in the seclists RSS feeds. Had a meeting to discuss script names. Renamed almost all the scripts. Updated documentation. Answered a few mailing list questions.
- 6: Made another tweak to the RSS feeds. Spell checked the book. Fixed a format string in a diagnostic message. Did book proofreading. Adjusted some Zenmap figures.
- 7: Tested whether the script registry is persistent across host groups (it's not). Applied a contributed http-auth.nse patch. Fixed a nagging Zenmap crash under OS X. Removed empty parentheses following function names in NSE documentation. Fought for a better page break in the Zenmap chapter.
- 10: Helped Ron with the MS08-067 merge. Ran checking scripts on the book source. Book visual proofreading. Put categories and scripts before libraries in NSEDoc HTML output. Had a meeting. Renamed a script and reformatted some script documentation. Regenerated some Zenmap figures. Ran book checking scripts.
- 11: Updated fingerfix to automatically expand T tests. Integrated about 100 OS submissions.
- 12: Did 300 OS submissions.
- 13: Reviewed the book cover. Did 440 OS submissions.
- 14: Did all 51 OS corrections. Wrote up highlights. Updated the MacPorts patch. Made script.db sorted. Documented POP3 capabilities.
- 15: Discovered a way to induce a stack overflow in dns.lua.
- 17: Fixed a parsing bug (mine) in fingerfix. Answered a bunch of mailing list questions. Had a meeting. Wrote a patch to make the NSE registry persistent.
- 18: Made scripts use a more straightforward return style. Made the NSE registry persist across host groups.
- 19: Fixed the dns.lua stack overflow. Did a quick review of the nse-lua branch and sent suggestions to Patrick. Improved an error message on Windows.
- 20: Wrote a patch to show a warning whenever raw sockets are used on Windows. Fixed inconsistent rounding of OS scan match percentages. Gave Zenmap the ability to read and write XSL stylesheet information. Fixed Zenmap internationalization. Made the Zenmap crash reporter more private.
- 21: Made the Zenmap diff viewer read Ndiff XML.
- 23: Made Ndiff invocation non-blocking.
- 24: Fixed some process cleanup issues in zenmap-ndiff. Had a meeting. Investigated some Zenmap crash reports.
- 25: Merged zenmap-ndiff (http://seclists.org/nmap-dev/2008/q4/0562.html). Started making performance notes.
- 26: Did host enumeration and benchmark preparation. Ran initial benchmarks. Tried some small changes in nmap-perf.
- 28: Ran more benchmark scans. Read several RFCs related to congestion control. Tried further changes in nmap-perf.
- 29: Helped troubleshoot route problems on OS X.
December 2008
- 1: Had a meeting. Sent a summary of performance benchmark scans so far.
- 2: Improved the benchmark script. Ran several more benchmarks, looking for consistency.
- 3: Made changes in nmap trunk that were beneficial in the nmap-perf branch. Rebooted the nmap-perf branch. Changed send delay to maximum send rate.
- 4: Refactored some nmap trunk code to facilitate nmap-perf changes. Made maximum sending rate be based on the current sending rate using a RateMeter.
- 5: Checked out Common Platform Enumeration. Tried a method of scan rate change that's like congestion avoidance.
- 6: Integrated a German Zenmap translation: Translations. Investigated nmap --iflist on Mac OS X.
- 7: Tried an approach to scan delay using packet receipt rate.
- 8: Answered some old mailing list questions. Did a review of an NSE patch. Wrote a summary of performance work so far. Made maximum sending rate be based on the packet receipt rate. Allowed the sending rate to recover.
- 9: Restored the function of --max-scan-delay and --min-scan-delay. Tried various things to improve the accuracy of the rate measurement. Removed a one-second enforced delay whenever the maximum tryno is increased, which unfortunately makes UDP scan go too fast.
- 10: Experimented more with scan delay. Investigated the Mac OS X rate limit.
- 11: Replaced the one-second delay with a congestion window contraction.
- 12: Experimented more with scan delay.
- 13: Wrote some normalization to make rate measurement at the beginning of a scan more reliable.
- 14: Tried scaling the measured receive rate by the host's responsiveness ratio.
- 15: Scaled receive rates by each host's share of the overall sending rates. Had a meeting with Fyodor. Tested the new per-host scaling and found that it fails when you can send faster than the sum of the rate limits.
- 16: Made send delay be based on the measured receive rate.
- 17: Tested ways to make the new send delay technique work in all situations. Started investigating a reported failure of OS scan on Windows. Committed a fix for a bug that turned out not to solve the problem.
- 18: Continued working on and debugging the Windows OS scan problem. Rebuilt the TCP cheat ports list based on nmap-services frequency data.
- 19: Fixed the bug with OS scanning on Windows. Refactored osscan2.cc a bit to facilitate it. Added some more cheat TCP ports.
- 22: Fixed a bug I had introduced: only increase max_successful_tryno on a positive response. Tried alternative ways of calculating responsiveness. Wrote a script to count port states in an output file. Refactored some code.
- 23: Made graphs of scan rate versus scan time. Tried more aggressive rate reduction. Tried adding a delay to settle the sending rate meter to the new rate. Tried setting the send receive rate directly with no delay.
- 24: Removed direct setting of the sending rate meter. Set the target sending rate to 105% of the estimated receive rate. Asked for testing of nmap-perf.
- 26: Went back to a one-second delay on new tryno. Fixed a bug that caused exhaustion of sockets with certain connect errors.
- 27: Tried an exponential moving average to track drops.
- 28: Checked out an NSE openssl bug. Improved the documentation of nmap.new_try. Sent suggestions to prospective Nping developers. Reviewed a big NSE improvement patch.
- 29: Made RateMeter support pausing and resuming to improve measurement accuracy across enforced delays. Ran a round of benchmarks.
- 30: Fixed an assertion failure in RateMeter in nmap-perf. Installed an update of the German Zenmap translation. Ranked TCP probes that result in a filtered state lower to reduce the chance that they will become timing pings.
- 31: Ran new benchmarks and wrote an analysis.