Update from weekly chat w/David

docs/TODO

@@ -1,14 +1,13 @@
 TODO $Id: TODO 11866 2009-01-24 23:10:05Z fyodor $ -*-text-*-
 
-o Make Nmap 5.21 bugfix-only release
 
-o [NSE] Document Patrick's worker thread patch in scripting.xml (see
-  http://seclists.org/nmap-dev/2009/q4/294,
-  http://nmap.org/nsedoc/lib/stdnse.html#new_thread,
-  http://nmap.org/nsedoc/lib/nmap.html#condvar) [Patrick]
 
-o [NSE] Look at new DB2 script by Tom
-  Sellers. http://seclists.org/nmap-dev/2009/q4/659
+o Deal with AV false positive issue RE nmap_services.exe:
+ - For now, David is going to apply Ron's patch which removes this,
+   but David will make it print output in verbose mode rather than
+   debug and maybe make it a little less verbose. LT plan is for Ron
+   to encrypt it with OpenSSL.
+
 
 o [NSE] Consider the http-methods script from Bernd Stroessenreuther.
   http://seclists.org/nmap-dev/2010/q1/76
@@ -21,9 +20,6 @@ o [NSE] Consider SNMP scripts from Patrik Karlsson.
   http://seclists.org/nmap-dev/2010/q1/174
   http://seclists.org/nmap-dev/2010/q1/178
 
-o [NSE] Consider MongoDB scripts and libraries from Martin Holst Swende.
-  http://seclists.org/nmap-dev/2010/q1/177
-
 o Make the nmap.header.tmpl wording a little more generic so it more
   clearly applies to Ncat, Zenmap, Nping, etc. Then use
   templatereplace.pl to apply those changes to the code. [Fyodor]
@@ -45,6 +41,8 @@ o We should document an official way to compile/test refguide.xml so
   things.
 
 o Add Nmap web board.
+
+o Consider integrating Nping.
 
 o Create Nmap wiki
 
@@ -53,30 +51,11 @@ o Do -p- Internet UDP scans.
 o Test Jay Fink's UDP payload prototype.
   http://seclists.org/nmap-dev/2010/q1/168
 
-o [Ncat] Test, review, and (if appropriate) merge Venkat's HTTP Digest
-  proxy authentication patch.  See
-  http://seclists.org/nmap-dev/2009/q3/773. [David]
-
 o Web site HTML improvements
   - Maybe start with nmap.org.
     - Find and fix HTML validation problems, bad links.  I'm not sure
       what tool is best for this.
-    - Update to use CSS, at least for header bars
-      - Also, if it is easy to give the header bars rounded corners,
-        we should probably do so.  But if it is hard, it isn't
-        important enough to matter.
-    - The Nmap.Org navigation table should have a background and more
-      subtle lines, like we use for our calendars now.
   - Insecure.Org could use a bit of work.  On the front page:
-    - The first item (table) in featured news has slightly more
-      left/right margin than the later ones on Firefox 3.5.6, and with
-      IE8 it doesn't extend as far when you make the page really wide.
-      Plus the images on the right are problematic (extend through the
-      border below them) when you make the window too wide on IE8.
-      Having a slight margin on the left/right of entries would
-      actually be a bit nice.  And it would be nice if it only took a
-      simple tag or two, controlled by CSS rather than pasting in a
-      whole table with font tags and the like for each entry.
   - Then do the same with seclists.org, insecure.org, sectools.org
   - The icon on the top-left of the screen should be for (and link
     to) the root URL of current site.  e.g. seclists.org,
@@ -88,8 +67,6 @@ o [Ncat] This may sound ridiculous, but I'm starting to think that
 
 o Start project to make Nmap a Featured Article on Wikipedia.
 
-o Consider integrating Nping.
-
 o Dependency licensing issues (OpenSSL, Python, GTK+, etc.)
  o We should do an audit to ensure that we are in complete compliance for the
  licenses of all the software we ship in any of our downloads, as some
@@ -111,6 +88,11 @@ o Dependency licensing issues (OpenSSL, Python, GTK+, etc.)
  o X.org libraries (Mac version links to them)
  o libdnet
 
+o Seclists.org should be fixed so that it doesn't strip quoted text
+  for its summaries from the IP list because that list consists almost
+  entirely of forwarded material which is being stripped.  Look at the
+  summaries at http://seclists.org/interesting-people/.
+
 o Scanning through proxies
  o Nmap should be able to scan through proxy servers, particularly now
    that we have an NSE script for detectiong open proxies and now that
@@ -553,6 +535,40 @@ o random tip database
 
 DONE:
 
+o Web site improvements
+    - Update to use CSS, at least for header bars
+      - Also, if it is easy to give the header bars rounded corners,
+        we should probably do so.  But if it is hard, it isn't
+        important enough to matter.
+    - The Nmap.Org navigation table should have a background and more
+      subtle lines, like we use for our calendars now.
+    - The first item (table) in featured news has slightly more
+      left/right margin than the later ones on Firefox 3.5.6, and with
+      IE8 it doesn't extend as far when you make the page really wide.
+      Plus the images on the right are problematic (extend through the
+      border below them) when you make the window too wide on IE8.
+      Having a slight margin on the left/right of entries would
+      actually be a bit nice.  And it would be nice if it only took a
+      simple tag or two, controlled by CSS rather than pasting in a
+      whole table with font tags and the like for each entry.
+
+o [Ncat] Test, review, and (if appropriate) merge Venkat's HTTP Digest
+  proxy authentication patch.  See
+  http://seclists.org/nmap-dev/2009/q3/773. [David]
+
+o [NSE] Look at new DB2 script by Tom
+  Sellers. http://seclists.org/nmap-dev/2009/q4/659
+
+o [NSE] Consider MongoDB scripts and libraries from Martin Holst Swende.
+  http://seclists.org/nmap-dev/2010/q1/177
+
+o [NSE] Document Patrick's worker thread patch in scripting.xml (see
+  http://seclists.org/nmap-dev/2009/q4/294,
+  http://nmap.org/nsedoc/lib/stdnse.html#new_thread,
+  http://nmap.org/nsedoc/lib/nmap.html#condvar) [Patrick]
+
+o Make Nmap 5.21 bugfix-only release
+
 o [NSE] Consider afp-showmount script from Patrik Karlsson.
   http://seclists.org/nmap-dev/2010/q1/97
   [merged to trunk]