If you use Nmap, do the Nmap survey!

[iago]

Vote yes on the paperclip!

Hello Everyone,

What do "version detection", "service detection", "performance
improvements", "runtime time estimates", "categorized OS detection",
and "target mac address printing" have in common?

They are all desired features voted into the top 10 list in the last
Nmap User Survey which were then implemented.  With Nmap 4 behind us,
it is now time to make a roadmap for the next big development cycle.
That calls for another survey to determine what you guys, the users,
really want.  I made a list of a couple dozen features for you to
rate, and you can also add your own ideas in the comments section.

In addition, the popular Top Security Tools page
(http://www.insecure.org/tools.html) is getting a bit crufty since it
is based on your 2003 preferences.  In 2003 we saw the rise of
wireless tools, web scanners, and more authentication crackers.  What
tools and classes of tools do you find most useful in 2006?  I'm also
interested in what security web sites you find valuable.

To answer these questions, I have designed and posted a new survey at:

  http://www.insecure.org/nmap/survey.html

Please take a few minutes to fill it out.  It is only one page with 15
questions (some are compound questions though).  It is completely
anonymous unless you choose to provide your name.  Also, only
aggregate results are posted.  The 2000 survey had 1,200 responses,
2003 had 1,854, and I'm hoping to see 2,500 this year!  When we reach
that number, I'll close the survey and start tabulating the results.
You can help us get there as soon as possible by taking the survey
now.

The third-most valuable section is the general (private) comments
field.  Many people have shared useful insights and valuable
information there, so I read all of those particularly carefully.

As always, results will be analyzed and posted so that you can benefit
from each other's experience.  This is meant to survey only
nmap-hackers members, so please don't link this survey from your web
sites or post to other mailing lists.  Asking your
employees/customers/users to vote in order to enhance your
product/site ranking is also prohibited.

Thanks,
Fyodor

PS:  Here is that URL again: http://www.insecure.org/nmap/survey.html


_______________________________________________
Sent through the nmap-hackers mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-hackers

[Sidoh]

HAHAHAHA!  I love developers that have a sense of humor.

Additionally, I saw this on the first link in your e-mail:

Ethereal: Sniffing the glue that holds the Internet together

Hahahahah....

[iago]

Haha, Ethereal has the best slogan

Another nice part of Nmap:

<LI>My use of Nmap is
<SELECT NAME=use>
<option value=unanswered>Unanswered
<option value=job>Job related
<option value=personal>Personal
<option value=both>Both
<option value=neither>Neither -- I just like surveys!
</SELECT>

[Quik]

Wonder who suggested this one:

Occasionally give bogus results to keep users on their toes

WTF??

I was tempted to choose "I like surveys" because I do and it's humorous, but I was taking the entire thing completely serious. My only slip was submitting the paperclip as an exquisite idea, and including it as a "great feature" in my comments. That, and listing the security boards here as where I get my security information, but that's not a shameless plug, it's the truth! It asked!

Hrm, submitted my $0.02.

[iago]

Wonder who suggested this one:

Occasionally give bogus results to keep users on their toes

Haha, I ranked that at medium

[Ergot]

Digital Restrictions Management (DRM) features: Refuse to function without license key, require registration and EULA acceptance to download.

Extraordinarily Cool!

[iago]

The raw results are in:

So after deleting 462 spam/duplicate Nmap survey submissions (mostly
from one idiot), we garnered an impressive 3,243 responses!  That is
more than 75% greater than the 1,854 responses in 2003, which was in
turn 55% greater than the 1,200 submissions in 2000.  It is nice to
see the community continue to grow!

While brainstorming ideas for Google SoC projects, I wrote a script to
tabulate the survey feature poll.  I'm relieved to see that the three
joke entries were at the very bottom.  At the top was 2nd generation
OS detection, which is perfect because that is the next big feature I
plan to work on.  Improving performance ranked next -- that is always
popular with users.  Next came state descriptions, diffing between two
scans, easy Internet data file updates, vulnerability assessment,
graphical network diagrams, then traceroute support.

The least desired feature was to translate Nmap to new languages.
This isn't an entirely fair result, since the users most interested in
this probably couldn't read the English-language survey .  But Nmap
has tons of English-as-a-second-language users (possibly around half),
yet most of them apparently prefer using the original English rather
than a translation to their native tongue.  It received the fewest
'excellent' responses (5.8%) of any non-joke feature.

But translation wasn't the most hated feature -- it scored lowest
because 64.8% were neutral to it.  Only 6.8% thought it was bad.  The
most hated was "vulnerability exploitation", with 19.9% negative.  I'm
glad people recognize that would be taking Nmap well beyond its
scope.  If I do anything with Nmap and exploitation, it will probably
just be working with HD Moore to ensure that Metasploit Framework can
import Nmap results well.

Now with my blabbing out of the way, here are the raw results.  They
are sorted by "points" value, which I consider to be the most
important number.  That gives every submission a fixed number of
points to "spend" on features.  So someone who only lists a few
features as 'excellent' has a larger effect on those few features than
someone who lists half the survey as 'excellent'.

Relatively brief feature descriptions are used.  If you don't remember
what a feature is, look back at the survey
(http://www.insecure.org/nmap/survey.html) for the more detailed
description.

Second Generation OS Detection (3099 votes): 7.24 points
      BAD: [>                  ]    4 (0.1%)
  NEUTRAL: [=>                 ]  153 (4.9%)
     GOOD: [===>               ]  471 (15.2%)
    GREAT: [==========>        ] 1586 (51.2%)
EXCELLENT: [=====>             ]  885 (28.6%)

Improved performance (3050 votes): 7.13 points
      BAD: [>                  ]    5 (0.2%)
  NEUTRAL: [=>                 ]  190 (6.2%)
     GOOD: [===>               ]  531 (17.4%)
    GREAT: [========>          ] 1211 (39.7%)
EXCELLENT: [=======>           ] 1113 (36.5%)

Give reasons for state descriptions (3045 votes): 7.13 points
      BAD: [>                  ]    8 (0.3%)
  NEUTRAL: [=>                 ]  121 (4.0%)
     GOOD: [===>               ]  540 (17.7%)
    GREAT: [=========>         ] 1391 (45.7%)
EXCELLENT: [======>            ]  985 (32.3%)

Show differences between two scans (3085 votes): 6.94 points
      BAD: [>                  ]   10 (0.3%)
  NEUTRAL: [=>                 ]  142 (4.6%)
     GOOD: [====>              ]  632 (20.5%)
    GREAT: [========>          ] 1283 (41.6%)
EXCELLENT: [======>            ] 1018 (33.0%)

Update fingerprints to latest version from 'Net (3083 votes): 6.89 points
      BAD: [>                  ]   44 (1.4%)
  NEUTRAL: [=>                 ]  189 (6.1%)
     GOOD: [===>               ]  526 (17.1%)
    GREAT: [========>          ] 1228 (39.8%)
EXCELLENT: [=======>           ] 1096 (35.5%)

Vulnerability assessment (3106 votes): 6.49 points
      BAD: [=>                 ]  195 (6.3%)
  NEUTRAL: [==>                ]  251 (8.1%)
     GOOD: [===>               ]  433 (13.9%)
    GREAT: [======>            ]  949 (30.6%)
EXCELLENT: [========>          ] 1278 (41.1%)

Create graphical network diagrams from XML output (2957 votes): 5.36 points
      BAD: [>                  ]   43 (1.5%)
  NEUTRAL: [===>               ]  425 (14.4%)
     GOOD: [=====>             ]  855 (28.9%)
    GREAT: [=====>             ]  797 (27.0%)
EXCELLENT: [=====>             ]  837 (28.3%)

Traceroute (3026 votes): 5.26 points
      BAD: [>                  ]   32 (1.1%)
  NEUTRAL: [==>                ]  394 (13.0%)
     GOOD: [======>            ]  879 (29.0%)
    GREAT: [========>          ] 1216 (40.2%)
EXCELLENT: [===>               ]  505 (16.7%)

Proxy scan-through (2929 votes): 5.24 points
      BAD: [>                  ]   16 (0.5%)
  NEUTRAL: [===>               ]  422 (14.4%)
     GOOD: [=====>             ]  813 (27.8%)
    GREAT: [=======>           ] 1077 (36.8%)
EXCELLENT: [====>              ]  601 (20.5%)

Scripting/Module support (2945 votes): 5.14 points
      BAD: [>                  ]   25 (0.8%)
  NEUTRAL: [====>              ]  590 (20.0%)
     GOOD: [=====>             ]  729 (24.8%)
    GREAT: [======>            ]  924 (31.4%)
EXCELLENT: [====>              ]  677 (23.0%)

Distributed scanning (2994 votes): 4.72 points
      BAD: [>                  ]   62 (2.1%)
  NEUTRAL: [====>              ]  625 (20.9%)
     GOOD: [=====>             ]  811 (27.1%)
    GREAT: [=====>             ]  722 (24.1%)
EXCELLENT: [=====>             ]  774 (25.9%)

IPv6 raw-type scanning support (2941 votes): 4.64 points
      BAD: [>                  ]    3 (0.1%)
  NEUTRAL: [====>              ]  640 (21.8%)
     GOOD: [=====>             ]  818 (27.8%)
    GREAT: [======>            ]  971 (33.0%)
EXCELLENT: [===>               ]  509 (17.3%)

.nmaprc for storing defaults (2958 votes): 4.60 points
      BAD: [>                  ]   43 (1.5%)
  NEUTRAL: [===>               ]  457 (15.4%)
     GOOD: [=======>           ] 1031 (34.9%)
    GREAT: [=======>           ] 1041 (35.2%)
EXCELLENT: [==>                ]  386 (13.0%)

XML output to database exporter (2946 votes): 3.99 points
      BAD: [>                  ]   50 (1.7%)
  NEUTRAL: [=====>             ]  821 (27.9%)
     GOOD: [======>            ]  858 (29.1%)
    GREAT: [=====>             ]  725 (24.6%)
EXCELLENT: [===>               ]  492 (16.7%)

Fixed-rate packet sending option (2884 votes): 3.66 points
      BAD: [>                  ]   34 (1.2%)
  NEUTRAL: [=====>             ]  766 (26.6%)
     GOOD: [=======>           ] 1057 (36.7%)
    GREAT: [=====>             ]  725 (25.1%)
EXCELLENT: [==>                ]  302 (10.5%)

Input targets from DNS zone transfer (2855 votes): 3.57 points
      BAD: [>                  ]   41 (1.4%)
  NEUTRAL: [=====>             ]  764 (26.8%)
     GOOD: [=======>           ] 1010 (35.4%)
    GREAT: [=====>             ]  737 (25.8%)
EXCELLENT: [==>                ]  303 (10.6%)

Vulnerability exploitation (3067 votes): 3.30 points
      BAD: [====>              ]  609 (19.9%)
  NEUTRAL: [==>                ]  399 (13.0%)
     GOOD: [===>               ]  515 (16.8%)
    GREAT: [====>              ]  670 (21.8%)
EXCELLENT: [=====>             ]  874 (28.5%)

libnmap C++ library (2838 votes): 3.27 points
      BAD: [>                  ]   28 (1.0%)
  NEUTRAL: [=======>           ] 1053 (37.1%)
     GOOD: [=====>             ]  804 (28.3%)
    GREAT: [====>              ]  596 (21.0%)
EXCELLENT: [==>                ]  357 (12.6%)

New/improved UNIX frontend (3021 votes): 3.25 points
      BAD: [=>                 ]  108 (3.6%)
  NEUTRAL: [=======>           ] 1039 (34.4%)
     GOOD: [=====>             ]  812 (26.9%)
    GREAT: [====>              ]  630 (20.9%)
EXCELLENT: [===>               ]  432 (14.3%)

New MS Windows GUI and interactive results viewer (3010 votes): 2.86 points
      BAD: [==>                ]  254 (8.4%)
  NEUTRAL: [=======>           ] 1073 (35.6%)
     GOOD: [====>              ]  622 (20.7%)
    GREAT: [====>              ]  597 (19.8%)
EXCELLENT: [===>               ]  464 (15.4%)

Hosted service to scan your network(s) (2929 votes): 2.60 points
      BAD: [==>                ]  255 (8.7%)
  NEUTRAL: [======>            ]  932 (31.8%)
     GOOD: [=====>             ]  756 (25.8%)
    GREAT: [====>              ]  667 (22.8%)
EXCELLENT: [==>                ]  319 (10.9%)

Translate Nmap itself (2951 votes): 0.95 points
      BAD: [=>                 ]  201 (6.8%)
  NEUTRAL: [============>      ] 1911 (64.8%)
     GOOD: [===>               ]  425 (14.4%)
    GREAT: [==>                ]  243 (8.2%)
EXCELLENT: [=>                 ]  171 (5.8%)

Animated paper clip to help formulate scans (3031 votes): -2.50 points
      BAD: [===========>       ] 1764 (58.2%)
  NEUTRAL: [===>               ]  434 (14.3%)
     GOOD: [==>                ]  320 (10.6%)
    GREAT: [=>                 ]  212 (7.0%)
EXCELLENT: [==>                ]  301 (9.9%)

Occasional bogus results to keep users attentive (2952 votes): -3.58 points
      BAD: [============>      ] 1918 (65.0%)
  NEUTRAL: [===>               ]  475 (16.1%)
     GOOD: [==>                ]  242 (8.2%)
    GREAT: [=>                 ]  123 (4.2%)
EXCELLENT: [=>                 ]  194 (6.6%)

Evil DRM and obnoxious EULA (2982 votes): -4.34 points
      BAD: [==============>    ] 2137 (71.7%)
  NEUTRAL: [===>               ]  420 (14.1%)
     GOOD: [=>                 ]  169 (5.7%)
    GREAT: [=>                 ]  117 (3.9%)
EXCELLENT: [=>                 ]  139 (4.7%)


Cheers,
Fyodor


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev

[iago]

Some humorous comments:

So I started looking through the Nmap survey comments.  I'm happy to
report that many people left comments -- 85 pages worth!  So I haven't
read it all yet, but here are some insightful and useful gems I have
already discovered:

Improvement ideas: you could implement a daemon version of nmap in lpd
spirit. heck, just use lpd and create input filter for nmap and an
example to show how to set up nmap "printer" supporting scan queuing.

General comments: You make me a bit nervous...

Improvement ideas: add carrie-anne moss pr0n

Improvement ideas: Not the paperclip dude...  A penguin
yes... Paperclip NO!!!

Improvement ideas: "Digital Restrictions Management (DRM) features:
Refuse to function without license key, require registration and
obnoxious EULA acceptance to download"......> what r u doing Dear
Fyodor? what that mean???

Improvement ideas: Give us free porn

Improvement ideas: Have the paperclip strip and you´ll have a very
popular port scanner.

Improvement ideas: I love nmap for her lightweight,fast scanning
speed.I dreamed that there was a UNIX or MS GUI nmap,for guys around
me mostly like such tools.But I hope I won't see my love nmap became a
old lady...So,I suggest keep her beauty first and then do other
things.Wish you all the best and good luck!

All this and I'm just getting started ... it's gonna be an interesting
night .

Cheers,
-F

[MyndFyre]

LoL, I love the idea of adding free pr0n to nmap.  Good call!

[Joe]

Signed.

[Ergot]

LoL, I love the idea of adding free pr0n to nmap.  Good call!

Gotta do something while it's scanning ^_~

[MyndFyre]

LoL, I love the idea of adding free pr0n to nmap.  Good call!

Gotta do something while it's scanning ^_~

Then again, the chances of seeing Fyodor or Linus naked during the scan decrease my love for that idea....

[iago]

Well, I don't know what Linus looks like, so I can't say much about him. 

However, if Fyodor looks like anything the way he does in the zone-h comic, no thanks. 

[MyndFyre]

Well, I don't know what Linus looks like, so I can't say much about him. 

That surprises me iago, I figured he'd be one of your heroes.

[Ergot]

Well, I don't know what Linus looks like, so I can't say much about him. 

Didn't you watch Revolution OS?!

[iago]

Well, I don't know what Linus looks like, so I can't say much about him. 

That surprises me iago, I figured he'd be one of your heroes.

I like what he's done, but I really don't care what he looks like.  It's his brain I am concerned about. 

I wouldn't call him a hero, though.  He's done a lot of work for a good cause, for sure.  If I had to pick somebody that I have a lot of respect for, he's one of the highest up there.  But I think "hero" is going too far. 

Well, I don't know what Linus looks like, so I can't say much about him. 

Didn't you watch Revolution OS?!

True, but that was a long time ago.  I don't remember what he looks like

[Sidoh]

I know what Linus looks like!  I saw him on the cover of a magazine a few years ago and was suddenly inspired to do some more research on him.