UMIT

Umit

the nmap frontend


Summer of Code



Google Summer of Code - Proposal ideas

English:




Português/Brasil




Español:




Translated by: Rodrigo Lazo

Português/Portugal:





Translated by: Luis A. Bastiao Silva

Quick Scan

    Sometimes you need to scan something quickly. And, honestly, finding the Umit's icon in the midst of a bunch of other apps icons, or inside a app menu full of icons, to get Umit open and then run a scan is not as quick as we want it to be, nor as quick as it need to be for a busy network administrator. That's why they prefer to use the terminal prior to using Umit. We love the command line, but we also love information and that's what Umit stands for, and the goal of this idea is to provide a meaning of using Umit faster than using the terminal for running a scan and getting the relevant information from it.

    How could we provide a meaning for using a graphical interface faster than using the terminal that is already open? Keystroke. With a combination os keys, we can open a small sized and light-weight window with an input, in which user can quickly enter a target, and watch the relevant results appearing in the screen, with relevant information highlight, and shortcuts for using that information (using the yet to be implemented quick-connect feature). Also, user is supposed to easily open the complete umit interface with the recently made scan result for better appreciation.

    The quick scan window is supposed to have 2 levels of contents. The first level is the level in which the window is open, and it features the minimum amount of widgets as possible, reducing its size in the window and improving usability by avoiding visual confusion of where things are. The second level of content appears as soon as the scan start, and it shows the relevant informations about the scan result and a button to open the main Umit interface with the current scan result.

    The quick scan window should feature:

  • Target input (1st level)
  • Profile Selection (1st level)
  • Scan Result (2nd level)
  • Button for openning the main Umit Interface (2nd level)
  • Specifics portings for the following: gnome, kde, windows, mac os x
  • Plus: A dashboard widget
  • Automatically set the keystrokes for openning quick scan, and main umit interface in the platform
  • Create a quick-starter, to pre-load some stuffs and make umit and quick scan launch quickly

Umit Assistant

    Clippit
    Everybody knows Clippit, the animated assistant that features Microsoft Office. It would be nice to have one a animated assistant to take care of helping users in some situations, and I'm sure that it is going to help Umit on every new feature that it might have in the future, showing to the user how to better analyse  the scan results that he got, suggesting things that he can do with the result, and even what that result means. There are a lot of things that can be done with it.
    The student willing to apply for this idea, must take care of making it extensible in a manner that makes it easy to be used and integrated to future projects. Also, it is a good idea to support assistant switch, letting users switch the assistent from (for example) a animated pill to a animated HUB (??).
    Volunteers for the animations and designs are very welcome to help our studnet on this task! And, of course, we're going to give you the proper credits for your work on our website and at the Credits window of Umit.

Nmap Wrapper for Python

    The wrapper intention is to provide a module from which you can create an Nmap instance, set the desired options and targets and run it without the need of executing it in another process. The wrapper must allow access of Nmap funcionalities like estimated time to finish the scan and runtime user interaction.

    User's almost won't note any change with this wrapper. This is a feature that is going to make Nmap and Umit developers life's easier, while adding new features or even integrating with future Nmap options and functionalities.


NSE Facilitator

    Last year we have a student working on this feature, and we get far with it. But still, we have a lot of work to make that couldn't be done in only one Summer. The goal of NSE Facilitator is to provide a good NSE experience for average users, who doesn't know NSE much but still need to use it to get their job done. And our work, is to help them have their job done quickly.
    We need some ideas on how to improve NSE, and ease its use for the average user. Students willing to apply for this project, are expected to interact with the plugins project, as they're closely related projects and one can benefit or injure the other project.
    If you're willing to work on a proposal for this project, take a look at where we currently are with NSE Facilitator at https://svn.umitproject.org/svnroot/umit/branch/NSEFacilitator .

UmitMapper (Web version)

   Why not having a UmitMapper for web browsers, running directly from UmitWeb? Tell us how do you plan to have this job done in a clean and non resource-eater manner. The goal is to have the UmitMapper using the current mapper libraries, using a wrapper to the web view.

Umit Report

   What about having a report generator that takes the scan results you've been collecting through Network Inventory and generate pdf, htmls or txt with nice reports and statistics of the network? Network Inventory already does a great job on statistics for sch results, but we can't have them in a printer friendly manner. The main challenge is going to work on this, adding as little dependencies as possible and choosing libraries that work on all operating systems we support, being easy to be installed on all of them.


Bluetooth Sniffer

   We intend to extend UmitBT's functionality by integrating Bluetooth protocol sniffing capabilities. Bluetooth protocol sniffing would allow users to monitor Bluetooth traffic to understand their Bluetooth spectrum in an indepth manner. Currently, Bluetooth protocol sniffing is available through costly hardware and software packages. This idea would allow users to sniff Bluetooth packets and display it in an intuitive manner similiar to Wireshark. Considerations for this idea are:

  • Integrated into UmitBT
  • Sniffing capability should be multi-platform. Implementation may vary.
  • Understanding of PyBluez and LightBlue.
  • May require intermediate knowledge on Bluetooth firmwares

   The impact of this idea is vastly significant to the community as this would be the first open source implementation of Bluetooth protocol sniffing. Students would be apart of making history with us.


UmitWeb Server Enhancements

As the Umit's web interface, UmitWeb needs a web server to get it running. Actually it has its own web server. It can receive requests, store session data, and do all the basics that a web server should. If you're willing to participate this year on improvements to the UmitWeb server, here are some hints we can list to inspirate you:

  • Multi-threading request work.
  • Adapt web server for WSGI-compliance.
  • Make a service-layer, to make umit for desktop able to do scans remotely too.

There are some features that are not webserver-related, but it can be useful for a user that doesn't want to run UmitWeb on the built-in web server. The task is to make dispatchers for mod_wsgi/mod_python, cgi and FastCGI, to allow UmitWeb to run on Apache, IIS, etc.

Independent Features


   Independent features envolves the development of small features, bug hunting and usability improvements on all Umit codebase. Although most part of the features the student will have to work on will appear during the GSoC, we already have listed some we currently are aware of:

Unittest

Umit lacks unit test suites, and that is in need. An effort in order to have test suites is going to be made by independent features students.

Speedup

Some saved scans take a relatively long time to load and after loading it takes time to move around its results and tabs. The reasons for this should be found and the code should be improved then.

Don't freeze

This is totally related to the previous sub-section. While loading some scans besides taking a reasonable time, umit is totally frozen too. It would be interesting to eliminate this behaviour.

Nmap output weird text

Depending on the loaded scan, Nmap output tab displays pretty weird text. This hapenned with scans that took reasonable time to load, so this may be related to the previous sub-sections.


PacketManipulator

  • Huge file import for pcap files
  • HexView with insert mode - maybe should be rewritten from scratch (see also bless hex editor)
  • Scripting interface/Metalanguage to support both backends
  • Update UMPA backend
  • Implement attack framework like ettercap
  • Implement plugins like hping frontends that could be shared also with UMIT project

PacketManipulator - Traffic Network

Actually Umit Project have a mapper, that are able to see a network topology. The goal of this idea is use the mapper and expose his APIs to organize the packets sniffed in a network graph and for each node in the map create a colour linker that demonstrate the traffic network already sniffed. It could be useful for a network manager detects the overflow and traffic packages.

And it can register the traffic and show another view like statistic graphs about the Packet Types, and number of packets captured for each type.

Message Sequence Charts.
Actually in PacketManipulator we have a nice plotter about a packet. That's cool but not enough. But the idea it's create a viewer of sequence packet with plugin protocol support. It should have a protocol tree embeded too.

192.168.1.1 --> 192.168.1.2
TCP -> ACK ------>
TCP <---- FIN ----

- Live Support
- Load by pcap and other formats

And if we could analyze application protocols like HTTP and put it easy to understand like telnet commands.
- Support to export to svg and png

It could possible to create a plugin based on the scripting interface/metalanguage that should be implemented first.

Nmap OS fingerprint database system

The Nmap OS fingerprint database is a set of signatures which represents many TCP/IP stack implementations of operating systems. How this system works is not easy to understand, but Nmap always has a good documentation of its features. In this case the student that wish apply this idea must be familiar with the Nmap OS detect documentation[0].

This idea consists on a solution for two main problems:

1. Nmap OS fingerprint system fails in some cases[1], but this is not because the database data, this happen because the design of the fingerprint matching algorithm. So, using a selective OS matching algorithm with the nmap-os-db file it's possible solve these problems without changes in Nmap code base.

2. Nmap results of its OS fingerprint system only can analysed from user statically. It'll interesting if users can choose the signature fields and algorithm to use when perform OS matching.


The choose of the OS matching algorithm depends on the format of the input, in this case a signature from nmap-os-db file. If you want to convert this alphanumeric data into numeric values you will amplify the possibilities of OS matching algorithm that can be used.

References

* [0] http://nmap.org/osdetect/
* [1] http://www.phocean.net/?p=14

UmitMapper new features

Idea it's add new features to Topology Network as called UmitMapper. Some topics that can be explored:
1. How represent graphically the existence of services in hosts.
2. Which others visualization techniques can be used to make visualization better.
3. What more kind of information can be expressed by the map.

Look around for other network visualization tools[1,2] and see what they have, and what they don't have. References

* [0] http://www.dca.ufrn.br/~joaomedeiros/radialnet/
* [1] http://networkviz.sourceforge.net/
* [2] http://linkanalysis.wlv.ac.uk/

Vulnerabilities database system

The Umit classification for vulnerability score of hosts is based only on the number of ports that Nmap found. This can be improved using each port information like its service and version. To do this task is interesting create a relational database SQLite[0] compatible and an API to easily access database information (e.g. functions that return a vulnerabilities set give an service and version). Not just the services can be search in database but the operating system detected by Nmap too. Good database candidates are the National Vulnerability Database[1] and The Open Source Vulnerability Database[2].

Beyond the database application interface would be good if the tool proposed has a user interface that give to the user the option of search for vulnerabilities and view them with a friendly form.

Look around some vulnerability search engines to see what they have, and what they don't have.

There are something in development. Please check: http://trac.umitproject.org/browser/nvdb

References

* [0] http://www.sqlite.org/
* [1] http://nvd.nist.gov/
* [2] http://osvdb.org/
Google will accept student applications from March 23 through April 3. The application link will be available from Google Summer of Code 2009 site .

For every applicants

    Your proposal is highly expected to have at least part of the details explained here: http://www.umitproject.org/soc2007_en.pdf (english) or  http://www.umitproject.org/soc2007_br.pdf (portuguese). Applications without explanation of the point of view of the student about the proposal and the project he is willing to work on, looks like applications that were sent in batch, to every organization. We don't need this, the community also don't need this and, believe me, you don't need that either. So, get the tips on that PDF, explore the proposals in this page and google for the details related to the proposal you selected. While researching for you project, don't be happy with the first answer you found googling. Go deeper and make your proposal shine among the others.
    Be aware that your proposal must detail the non-programatic stuffs you'll need to deal with, like documentation, usability patterns you plan to follow, etc. Also, we require a detailed schedule, proving that you have arranged your time and that you have a good sense of how long it will take to have stuffs done.