Nmap Announce mailing list archives

By Date By Thread Introducing the 2016 Nmap/Google Summer of Code Team! From: Fyodor <fyodor () nmap org>

Date: Mon, 9 May 2016 20:00:59 -0700

Hello everyone. Google has agreed to sponsor five amazing students to spend this summer enhancing the Nmap Security Scanner and I'm proud to introduce our 2015 team: *Abhishek Singh* will be working as a Feature Creeper and Bug Hunter, making improvements throughout the Nmap codebase. The project hasn't even started yet and he's already found and fixed several NSE script bugs and has other code changes in the works. Abhishek is pursuing a Bachelors of Technology at the Indian Institute of Information Technology, Sri City. He will be mentored by Dan Miller, who has successfully mentored students in this role for two years now. *Prabhjyot Singh Sodhi* will be improving Nmap's IPv6 OS detection. The current system uses machine learning with a logistic regression approach and also imputates missing data. Though the current system is functional, it has several shortcomings with regards to differentiating between versions of the same family of operating systems. Furthermore, because of the relatively low number of fingerprint submissions (when compared to the numbers found in IPv4), the logistic regression model does not cope well with the amount of training data. Prabhjyot will research other machine learning techniques that might be more suited for our data. He is currently pursuing his Bachelor of Engineering at the Birla Institute of Technology and Science and has already has prior experience working on machine learning projects. He will be mentored by Alexandru Geana on the machine learning side and Mathias Morbitzer on the IPv6 side. Alexandru and Mathias are responsible for many of the recent improvements to IPv6 OS detection and we're all excited to see what they and Prabhjyot come up with next! *Sergey Khegay* will be working to improve the NSE brute-force performance and extend its support for tough protocols like SSH. Passwords may sound like old news, but they're still one of the largest weaknesses of major network systems. It only takes one weak password for attackers to get in! Nmap already includes more than 60 brute force cracking NSE scripts ( https://nmap.org/nsedoc/categories/brute.html), but Sergey is going to help improve their parallelism and efficiency as well as supporting new protocols. Sergey is pursuing his masters degree in New York University, Tandon School of Engineering. He will be mentored Fotis Hantzis (Ithilgore), who worked with me to write our Ncrack dedicted brute-force cracking tool in a previous Summer of Code (https://nmap.org/ncrack/). Here's hoping they can bring some of the impressive speed and efficiency of Ncrack to enormous protocol support and easy extensibility of NSE! *Tudor Emil Coman* is our new performance and optimization specialist. He'll be working on things like improving our underlying parallelization and timing algorithms and supporting faster, newer APIs such as overlapped I/O and completion ports on Windows. In fact he's already submitted some small performance improvement patches such as https://github.com/nmap/nmap/pull/324. And for the larger changes we're not going to just make them and hope for the best. We're setting up fast and well-connected servers to benchmark all the changes for both speed and accuracy before incorporation. Tudor is in his third year studying Computer Science at Politehnica University of Bucharest in Romania. He will be mentored by Brandon Enright who has a long history of large-scale high-performance scans of university and corporate networks. *Vincent Dumont* will be updating and improving Nmap support for Mac OS X. He'll be replacing some deprecated code and helping us toward an installer that is signed and compliant with Apple's app standards. Vincent is in his third year studying computer science at the University of Strasbourg, France. His mentor will be Dan Miller, who is responsible for running the current OS X build process for each release. Nmap is one of just seven organizations who have now participated in all twelve Google Summers of Code. If you enjoy the Zenmap GUI, Ncat, Ndiff, Nping, Ncrack, or the Nmap Scripting Engine, you're using features developed in a large part by previous Summer of Code students. And with a team like this, we can't help but expect more great things! Full-time coding starts May 23, but we have already started project brainstorming and planning. Some participants may use this community bonding period to get an early start on coding, while others will focus on testing Nmap and reading the code and documentation. Please join us in welcoming this new team of Nmap SoC students! Most of the development will be done on the Nmap dev list ( http://seclists.org/nmap-dev/), where everybody is encouraged to participate in coding, suggesting ideas, testing, etc. We had 59 applications this year and most were excellent. I regret that we could only accept 8% of them, but I'd like to thank everyone who applied! Please try again next year, if you can. We've had several cases in the past where we couldn't find room for someone one year, but were able to accept them the next. I'd also like to offer big thanks to Google for sponsoring another 1,206 students over all projects and putting another $6.6 million into open source development! Cheers, Fyodor _______________________________________________ Sent through the announce mailing list https://nmap.org/mailman/listinfo/announce Archived at http://seclists.org/nmap-hackers/ By Date By Thread Current thread: Introducing the 2016 Nmap/Google Summer of Code Team! Fyodor (May 09)