Interview with NMAP Creator Fyodor 89
An anonymous reader writes "Whitedust has an interview with Fyodor, creator of NMAP. The interview covers a broad range of topics from Fyodor's roots and motivations in the security world to his newer projects and even mentions Fyodor's forthcoming book on NMAP network scanning."
Roots and motivations? (Score:5, Funny)
Re:Roots and motivations? (Score:2)
Not in Australia.
Go root! (Score:2)
> Not in Australia.
Well, psychologists would say that all this work is ultimately done to impress women and get laid.
On second thoughts, is writing code likely to get you laid? (Hint for the stereotype
(BTW, since parent didn't make it clear, 'root' is slang for sexual intercourse in Australian English)
Re:punny. (Score:5, Funny)
Dude, a little bit of Mormon goes a *long* way.
Spelling it out in in 200pt comic sans (Score:1)
Re:Spelling it out in in 200pt comic sans (Score:1)
Talking about Mormons in the face of ly-diethylamide sergic acid is a bit weird, even for me, though.
Fyodor (Score:5, Informative)
This handle was partly inspired by Fyodor Dostoevsky, who was perhaps the second greatest writer of all time.
Re:Fyodor (Score:2, Informative)
Or, he was referring to Monkey Island's running gag of, "That's the second biggest [monkey head | duck | arrow | etc] I've ever seen."
Is it so wrong that Monkey Island was the first thing that came to mind when reading the OP's post?
Re:Fyodor (Score:2, Funny)
-- Dostoyevski
So, it seem Fyodor was trying to get out of jail(2) [freebsd.org] ?
Re:Fyodor (Score:1)
Re:Fyodor (Score:1)
Re:Fyodor (Score:1)
Re:Fyodor (Score:2)
"What is this great task for which I, Deep Thought, the second greatest computer in the Universe of Space and Time, have been called into existence?"
Re:Fyodor (Score:3, Informative)
That gag predates Monkey Island [wouldyoubelieve.com] by quite a few years. Not that Monkey Island didn't kick ass.
Re:Fyodor (Score:4, Funny)
With the first greatest writer being, of course, Mr. Anonymous Coward
Re:Fyodor (Score:2, Interesting)
This handle was partly inspired by Fyodor Dostoevsky, who was perhaps the second greatest writer of all time.
Don't know why (I have heard of the famous Fyodor), but I always assumed he picked it because when you say it out loud it sounds like "fire-door" :-)
Re:Fyodor (Score:1)
Re:Fyodor (Score:1)
* Looking back from the future, it will be seen that this post is the one that will inspire someone else to create a revolutionary new toolset called NOSTRILS that will revolutionize everything. Really, just wait and see. *
real sysadmins... (Score:5, Funny)
Re:real sysadmins... (Score:5, Funny)
Fixed that for you.
Re:real sysadmins... (Score:2)
There, fixed that for you too.
Fyodor's nmap is a great tool (Score:5, Insightful)
Obligatory (Score:5, Funny)
Come on, Fydor, admit it. Like most of us, you don't really care about coding, you just do it to get girls.
Not safe for work alright... (Score:2, Funny)
Re:Obligatory (Score:2, Informative)
Re:Obligatory (Score:4, Insightful)
More like "it's a video of a rivet-ish girl using nmap while stripping, and all the dorks on Slashdot can say is that she's not hot enough." Why is it that so many computer geeks don't get dates again?
Re:Obligatory (Score:2)
At the moment, I'm blaming DRM [slashdot.org].
high res photos and the movie (Score:1)
Best Fyodor quote (Score:5, Interesting)
"It was so awesome, my jaw dropped when I saw it in the theaters. A sexy woman uses my program. I think that means we are married."
Actual quote (Score:5, Informative)
From: Fyodor
Date: Thu, 15 May 2003 02:17:19 -0700
Hi Everyone. There is a disturbance in the force! You may recall a couple weeks ago that MS started recommending Nmap on some of their web pages. That was strange, but I did not foresee the anomalous omens that would ensue.
Like almost any self-respecting geek, I bought tickets to 'Matrix: Reloaded' several weeks back (no spoilers, I promise). After all, who can resist the combination of philosophical mind games and Trinity (Carrie-Anne Moss) in that tight leather bodysuit?
So after waiting an hour in a line snaking out of the theatre to the parking lot, I finally got in to my 10pm Wednesday showing. All was going well until Trinity needed to do some hacking. Oh, no! I was sure we'd see a silly "Hackers"-esque 3D animated "hacking scene". Not so! Trinity is as smart as she is seductive! She whips out Nmap (!!!), scans her target, finds 22/tcp open, and proceeds with an ber ssh technique! I was so surprised, I almost jumped out of my seat and did the "r00t dance" right there in the theatre!
There can be only one explanation: Carie-Anne has the hots for me! [...]
Re:Actual quote (Score:3, Interesting)
Re:Actual quote (Score:2)
Smileys (Score:4, Funny)
Fyodor> I doubt that Nmap has ever been used for blackhat purposes. OK, maybe once or twice
Re:Smileys (Score:1, Informative)
Re:Smileys (Score:1)
How ? It only suggests that a guy, (whose handle is "fv" and who asserts his email add. to be fyodor@insecure.org ( and is not worried about even the dumbest of spam robots acquiring his email add.)) makes a declaration that a sample chapter from an unpublished book is available online.
Is he the real Fyodor? God knows.
Did he say anything about giving interview to any website? I didn't notice.
Please shut me up. That ain't enough.
Advance Chapter: Nmap Reference Guide (Score:5, Informative)
The Nmap Network Scanning book isn't yet complete, but I have decided to release one of the most important chapters in advance online. That is this Nmap Reference Guide [insecure.org], which will become the new man page. It is rewritten from scratch to be much more comprehensive and detailed than the previous version, and better organized as well. It can be read top to bottom or used as a quick reference to look up that obscure scan type you are considering. Let me know [mailto] if you have any suggestions for improving it. I'm also looking for translators (the previous man page is available in nine languages [insecure.org]. If you are interested, send me mail with your target language. That way I can send you the source file (DocBook XML) to translate rather than the HTML/Nroff which is auto-generated. That will also prevent the case of several people duplicating effort by translating to the same language. I was planning to announce this tomorrow, but since the book seems to be mentioned at the top of Slashdot right now anyway, I just scrambled to put it up.
And now for the goods. Here is the HTML Nmap Reference Guide [insecure.org]. Or you can download the Nroff (man page) form here [insecure.org]. Enjoy!
-Fyodor [insecure.org]
Re:Advance Chapter: Nmap Reference Guide (Score:1, Interesting)
Re:Advance Chapter: Nmap Reference Guide (Score:1)
Off-topic I could maybe see, but redundant? What?
Re:Advance Chapter: Nmap Reference Guide (Score:1)
It mentions the book?!?! (Score:4, Insightful)
Not that there's anything wrong with pushing a book you've written, but it being mentioned is hardly a surprise.
Re:Fyodor is not a heroic "white hat" security exp (Score:2, Insightful)
Perhaps no one cares? Fyodor is a security legend. Deal with it.
Re:Fyodor is not a heroic "white hat" security exp (Score:2)
Yes.
Next question?
Re: use a tool written by a known criminal? (Score:1)
Re:Fyodor is not a heroic "white hat" security exp (Score:2)
Thank you, NMAP-developer-like people. (Score:5, Interesting)
My point is it didn't come from books, a class or even man pages (that's a given), but toolin' around with the tools epitomized by nmap. Seeing this article touched a nerve in me to say thanks as the readers of this, in my estimation, is a group most densely populated by people who coded wares that got me to wherever I am today, which apparently is a very low-level pron tycoon, who's all about the high res.
Thanks.
Question (Score:4, Interesting)
Is it how the networks operate and how NMAP plays with it? Or is this an NMAP manual? I mean it ain't exactly hard to use. I can't imagine a book on how to use NMAP being more than 50 pages or so...
Of course I haven't read any TFA if there is one...
Tom
Nmap is bigger than you think... (Score:5, Informative)
That's exactly what I thought when I started writing a short tutorial on nmap. 200 pages later(!), it's a comprehensive guide to the operation and inner-workings of nmap.
I've documented, graphically displayed, and captured network traffic for every nmap ping type, scan method, and nmap option. Not every nmap option works exactly the way one might expect, so I've also documented the "gotchas" when using nmap. I also wrote a chapter that outlines some practical uses of nmap for ongoing security needs.
I've released the book with a Creative Commons license, and posted the entire book to the web for free! My goal was to give something back to the security community that could be used to make networks more secure and to help network professionals understand what happens when these scans are active on their network.
Secrets of Network Cartography: A Comprehensive Guide to nmap is available at:
http://www.networkuptime.com/nmap/index.shtml [networkuptime.com]
I'm working on the next version now, and I'm open for suggestions and comments. Please let me know what you think!
James Messer
MOD UP (Score:1)