@sergeykhegay
Last active August 19, 2016 06:44
A post for final evaluation of my work for Nmap Security Scanner during GSoC 2016.
As part of the Google Summer of Code 2016, I was lucky enough to contribute
to the Nmap Security Scanner open source project. It was not easy all along;
there were some difficulties and frustrating moments, but overall I had a very
positive experience.
I would like to thank my mentor, Fotis Chantzis, the community, and all the
developers who provided helpful feedback and suggestions: Patrick Donnelly,
Daniel Miller, and my fellow GSoC participant, Vincent Dumont.
During the summer I worked on two major tasks: improving brute.lua and adding
support for libssh2.
Neither of the changes is merged yet, but both projects are finished and are
awaiting review. Current statuses are:
o. gsoc-brute - improving brute.lua changes.
https://github.com/sergeykhegay/nmap/tree/gsoc-brute
A pull request was sent, which can be reviewed here:
https://github.com/nmap/nmap/pull/518
All commits are available here:
https://github.com/sergeykhegay/nmap/commits/gsoc-brute?author=sergeykhegay
A performance report is available here (was shared with Nmap Dev before):
https://drive.google.com/file/d/0Bw4slNtwpBy9TEZVNVBlSUVlZG8/view?usp=sharing
Changes (against latest merged commit from nmap/master):
https://github.com/nmap/nmap/compare/nmap:ed59a3d3700851ac2ae32c502c7058905cebfba6...sergeykhegay:gsoc-brute
o. gsoc-ssh - integration of libssh2.
https://github.com/sergeykhegay/nmap/tree/gsoc-ssh
I will send a pull request as soon as I have a chance to test it on Windows.
It seems that for the moment the nmap/master branch has a bug and segfaults even
during a simple scan (as of 08.19.16). I will wait until this is fixed. You
can still pull the project and use it on Linux.
Overall, I would say that the current implementation works pretty stably both
on Linux and on Windows.
It is worth mentioning that a couple of scripts were also added
(all of them are Devin Bjelland's work; Devin contributed to this project
before me):
ssh-auth-methods.nse
ssh-brute.nse
ssh-publickey-acceptance.nse
ssh-run.nse
and a library utility:
nselib/libssh2-utility.lua.
Commits are available here:
https://github.com/sergeykhegay/nmap/commits/gsoc-ssh?author=sergeykhegay
Changes (against latest merged commit from nmap/master):
https://github.com/nmap/nmap/compare/nmap:ed59a3d3700851ac2ae32c502c7058905cebfba6...sergeykhegay:gsoc-ssh
Minor projects:
o. gsoc-lpeg - updating LPeg from v0.12 to v1.0.
https://github.com/sergeykhegay/nmap/tree/gsoc-lpeg
This project was stalled because of a presumed bug in LPeg v1.0. I found
a grammar and a pattern for which nmap crashes with a stack overflow. All
this was reported to Patrick Donnelly for further investigation. I plan to
resume this project as soon as I finish with gsoc-brute and gsoc-ssh
(when they are merged).
PR and discussion are here:
https://github.com/nmap/nmap/pull/478
Commits are here:
https://github.com/sergeykhegay/nmap/commits/gsoc-lpeg?author=sergeykhegay
o. issue-216 - I made a PR before the start of GSoC but committed some changes
during the program.
https://github.com/sergeykhegay/nmap/tree/issue-216
PR "Add --defeat-icmp-ratelimit option for UDP scanning" is here:
https://github.com/nmap/nmap/pull/353
Commits are here:
https://github.com/sergeykhegay/nmap/commits/issue-216?author=sergeykhegay
As for my plans, I will hang around with Nmap a bit longer, at least until all
my changes are merged. I hope I will be able to contribute more (I have seen
interesting issues in the bug tracker).
Best regards,
Sergey.
08.19.2016 - add more links and text.