<?xml version="1.0" encoding="utf-8" ?>
<packagegui>
	<name>nmap</name>
	<version>3.70</version>
	<title>Diagnostics: NMap</title>
	<donotsave>true</donotsave>
	<preoutput>yes</preoutput>
	<savetext>Scan</savetext>
	<!-- Menu is where this packages menu will appear -->
	<menu>
		<name>NMap</name>
		<tooltiptext>NMap is a utility for network exploration or security auditing. It supports ping scanning (determine which hosts are up), many port scanning techniques (determine what services the hosts are offering), version detection (determine what application/service is runing on a port), and TCP/IP fingerprinting (remote host OS or device identification). It also offers flexible target and port specification, decoy/stealth scanning, SunRPC scanning, and more. Most Unix and Windows platforms are supported in both GUI and command line modes. Several popular handheld devices are also supported, including the Sharp Zaurus and the iPAQ.</tooltiptext>
		<section>Diagnostics</section>
		<configfile>nmap.xml</configfile>
	</menu>
        <!-- Do not save invokes a simple input menu and will not update
             the configuration database. -->
	<fields>
		<field>
                    <fielddescr>IP or Hostname</fielddescr>
                    <fieldname>hostname</fieldname>
                    <description>Enter the IP address or hostname that you would like to scan.</description>
                    <type>input</type>
		</field>
                <field>
                    <fielddescr>-sT</fielddescr>
                    <fieldname>option</fieldname>
                    <description>This is the most basic form of TCP scanning.  The connect() system call provided by your operating  system  is used  to  open  a  connection  to  every interesting port on the machine. If the port is listening, connect() will succeed,  oth- erwise  the  port  isn't reachable. One strong advantage to this technique is that you don't need  any  special  privileges.  Anyuser on most UNIX boxes is free to use this call.</description>
                    <type>radio</type>
                    <typehint>TCP connect() scan.</typehint>
                </field>
                <field>
                    <fielddescr>-sP</fielddescr>
                    <fieldname>option</fieldname>
                    <description> Ping scanning: Sometimes you only want to know which hosts on  a network  are  up.  Nmap can do this by sending ICMP echo request packets to every IP address on the networks you specify.   Hosts that   respond  are  up.   Unfortunately,  some  sites  such  as microsoft.com block echo request packets.  Thus  nmap  can  also send a TCP ack packet to (by default) port 80.  If we get an RST back, that machine is up.  A third technique involves sending  a SYN  packet  and  waiting  for a RST or a SYN/ACK.  For non-root users, a connect() method is used.</description>
                    <type>radio</type>
                    <typehint>Ping scanning</typehint>
                </field>
                <field>
                    <fielddescr>-sU</fielddescr>
                    <fieldname>option</fieldname>
                    <description>This method is used to determine which UDP (User Datagram Protocol, RFC 768) ports are open on a host.  The tech- nique  is  to send 0 byte UDP packets to each port on the target machine.  If we receive an ICMP port unreachable  message,  then the  port  is closed.  Otherwise we assume it is open.  Unfortunately, firewalls often block  the  port  unreachable  messages, causing  the  port  to appear open.  Sometimes an ISP will block only a few specific dangerous ports such as 31337 (back orifice) and  139 (Windows NetBIOS), making it look like these vulnerable ports are open.  So don't panic immediately.  Unfortunately,  it isn't  always  trivial  to  differentiate  between real open UDP ports and these filtered false-positives.</description>
                    <type>radio</type>
                    <typehint>UDP Scanning</typehint>
                </field>
                <field>
                    <fielddescr>-P0</fielddescr>
                    <typehint>Do not try to ping hosts at all before scanning them.</typehint>
                    <fieldname>noping</fieldname>
                    <description>This allows the scanning of networks that don't allow ICMP  echo requests  (or  responses) through their firewall.  microsoft.com is an example of such a network, and thus you should always  use -P0  or  -PT80 when portscanning microsoft.com.  Note tht "ping" in this contect may involve more than the traditional ICMP  echo request packet.  Nmap supports many such probes, including arbi- trary combinations of TCP, UDP, and ICMP  probes.   By  default, Nmap sends an ICMP echo request and a TCP ACK packet to port 80.</description>
                    <type>checkbox</type>
                </field>
		<field>
		    <fielddescr>-sV</fielddescr>
		    <typehint>Try to identify service versions</typehint>
		    <fieldname>servicever</fieldname>
		    <description>After TCP and/or  UDP  ports  are  discovered using  one of the other scan methods, version detection communicates with those ports to try and determine more about  what  is actually  running.  A file called nmap-service-probes is used to determine the best probes for detecting various services and the match  strings  to  expect.  Nmap tries to determine the service protocol (e.g. ftp, ssh, telnet,  http),  the  application  name (e.g. ISC Bind, Apache httpd, Solaris telnetd), the version number, and sometimes  miscellaneous  details  like  whether  an  X server  is open to connections or the SSH protocol version)</description>
		    <type>checkbox</type>
		</field>
		<field>
		    <fielddescr>-O</fielddescr>
		    <typehint>Turn on OS detection</typehint>
		    <fieldname>osdetect</fieldname>
		    <description>This option activates remote host identification via TCP/IP fingerprinting.   In  other words, it uses a bunch of techniques to detect subtleties in the  underlying  operating  system  network stack  of the computers you are scanning.  It uses this informa- tion to create a "fingerprint" which it compares with its  database of known OS fingerprints (the nmap-os-fingerprints file) to decide what type of system you are scanning</description>
		    <type>checkbox</type>
		</field>
        </fields>
		<custom_php_deinstall_command>
		</custom_php_deinstall_command>
        <custom_add_php_command>
            $nmap_options = "";
            if($_POST['option'] == "-sT: TCP connect() scan.") $nmap_options .= " -sT";
            if($_POST['option'] == "-sP: Ping scanning") $nmap_options .= " -sP";
            if($_POST['option'] == "-sU: UDP Scanning") $nmap_options .= " -sU";
            if($_POST['noping']) $nmap_options .= " -P0";
	    if($_POST['servicever']) $nmap_options .= " -sV";
	    if($_POST['osdetect']) $nmap_options .= " -O";
            $nmap_options .= " " . $_POST['hostname'];
            system("/usr/local/bin/nmap" . $nmap_options);
        </custom_add_php_command>
</packagegui>