I'm just starting to look into how to integrate nmap, an open source security product, into some c++ code. If anyone's tried this, and has some ideas on the best approach, I'd certainly appreciate it.

Thanks for the responses. Specifically, I'd like to run a port scan (IPv6). I would definitely prefer non-GPL solutions such as a command line or sockets interface. However, at this point I'm also looking for the fastest solution(s), as we're up against some stringent timelines, and we can backload implementing the non-GPL solution if necessary.

A: 

"Integrate" doesn't really say enough. What kind of things do you want to do? Depending on the level of "integration" it might be enough to run nmap as a separate process and capture its output. The advantage there is that you can update the version of nmap without rebuilding your app. If you require tighter coupling, then it depends on what functionality you need and "library-izing" nmap, but be warned that it's GPL code and this kind of integration would require source distribution of your app.

Joe
A: 

Are you looking to use specific pieces of functionality? An easy way I've found of using nmap in other languages is to have it spit out XML using the -oX switch. There is a DTD (and numerous ways to convert this to an XSD for your favourite binding tool) that you can use to consume the data.

Given that you're writing in C++ though it probably would be easy enough to link against directly if you needed.

+1  A: 

(note: I am not a lawyer, and none of this should be taken as legal advice)

You should probably note that Nmap considers a product that parses its output to be a derived work, according to the licensing chapter in the manual, and thus falls under the GPL licensing obligations. The GPLv2 does not define what a derived work is, instead letting that be up to the courts and according to definitions in copyright law. The usual interpretation is that any form of linking, other than linking to system libraries included in the operating system, makes the linked work a derived work, while separate processes that talk over pipes or the network are not necessarily derived works, though as mentioned in the GPL FAQ, "if the semantics of the communication are intimate enough, exchanging complex internal data structures, that too could be a basis to consider the two parts as combined into a larger program." That seems to be the interpretation that the Nmap developers are taking.

Anyhow, assuming that you don't need to worry about the GPL, you probably want to look at the output options for Nmap; in particular, -oX for XML output and -oG for "greppable" output. If you need more control over what Nmap does, you should look into the Nmap Scripting Engine, a Lua scripting engine in Nmap that gives you all kinds of control.

Brian Campbell
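The separate-process approach from Joe's answer combined with the -oG output this answer mentions, as an added C++ example that is not from the original thread or from the Nmap project: it spawns nmap with popen(), validates the target before it reaches the shell, and parses the greppable "Host:" lines into a list of ports. The parse_greppable and scan_ipv6_host names are this example's own.

```cpp
#include <cctype>
#include <cstdio>
#include <memory>
#include <sstream>
#include <stdexcept>
#include <string>
#include <vector>

// One port entry taken from a "Host:" line of Nmap's -oG (greppable) output.
struct PortEntry { std::string host; int port; std::string state, protocol, service; };

// Parse greppable output. Each entry in the "Ports:" field has the form
// port/state/protocol/owner/service/rpcinfo/version/ and entries are separated by ", ".
std::vector<PortEntry> parse_greppable(const std::string& output) {
    std::vector<PortEntry> result;
    std::istringstream lines(output); std::string line;
    while (std::getline(lines, line)) {
        if (line.rfind("Host: ", 0) != 0) continue;            // skip "# Nmap ..." comment lines
        size_t ports_at = line.find("\tPorts: ");
        if (ports_at == std::string::npos) continue;            // "Status: Up" lines carry no ports
        std::string host = line.substr(6, line.find(' ', 6) - 6);
        std::string ports = line.substr(ports_at + 8);
        size_t tab = ports.find('\t');                          // "Ignored State:" follows a tab
        if (tab != std::string::npos) ports.resize(tab);
        std::istringstream entries(ports); std::string entry;
        while (std::getline(entries, entry, ',')) {
            if (!entry.empty() && entry[0] == ' ') entry.erase(0, 1);
            std::vector<std::string> f;
            std::istringstream fields(entry); std::string field;
            while (std::getline(fields, field, '/')) f.push_back(field);
            if (f.size() < 5 || f[0].empty() || !std::isdigit((unsigned char)f[0][0])) continue;
            result.push_back({host, std::stoi(f[0]), f[1], f[2], f[4]});
        }
    }
    return result;
}

// Run Nmap as a separate process and read its greppable output from stdout ("-oG -").
// The target is whitelisted first: popen() goes through the shell, so an unchecked
// string could inject a shell command, and a leading '-' could smuggle in extra flags.
std::vector<PortEntry> scan_ipv6_host(const std::string& target) {
    if (target.empty() || target[0] == '-') throw std::invalid_argument("bad target");
    for (char c : target)
        if (!std::isalnum((unsigned char)c) && c != ':' && c != '.' && c != '-')
            throw std::invalid_argument("target may only contain letters, digits, ':', '.', '-'");
    std::string cmd = "nmap -6 -oG - " + target;             // -6 selects IPv6 scanning
    std::unique_ptr<FILE, int (*)(FILE*)> proc(popen(cmd.c_str(), "r"), pclose);
    if (!proc) throw std::runtime_error("popen failed");
    std::string out; char buf[4096];
    while (fgets(buf, sizeof buf, proc.get())) out += buf;
    return parse_greppable(out);
}
```

Because the parser takes a string, the same code can also read a saved -oG file, which keeps the parsing logic testable without running a scan.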
A: 

You could always read it through a pipe. According to tradition that is acceptable even if non-GPL accesses GPL.

Joshua
Note that in my answer, I specifically point to the Nmap license where they clarify that they consider that to create a derived work (and thus requires you to license your derived work under the GPL if you want to redistribute the GPL'd code).
Brian Campbell
That's a fairly strict interpretation, however. It allows them to benefit from open-source development while pushing the envelope on what is the generally accepted norm for GNU redistribution, not to mention the interpretation in the GNU FAQ itself.
Jack BeNimble