Fyodor's Suggestion
If you are feeling ambitious, write and distribute your own little
program to solve a problem you are having or otherwise makes your
life easier. It doesn't have to be anything big or fancy at first.
Nmap started out as a little 2,000-line utility published in Phrack
magazine. Post your creation to Freshmeat, or to nmap-dev if it
relates to Nmap in some way. Hmm, I think there is a current vacuum
in the open source vulnerability scanner field
.
o Or take a more active coding role for an existing open source
project. In the Nmap world, former Google SoC students are
developing three promising projects: NmapGUI and UMIT are new GUIs
and results viewers for large Nmap scans, and Ncat is a powerful
reinterpretation of the venerable Netcat. Working code for all
three of these is available if you join the Nmap-dev list
(
http://cgi.insecure.org/mailman/listinfo/nmap-dev) and I'm sure the
respective authors (Ole Morten Grodaas, Adriano Monteiro, and Chris
Gibson) would appreciate help, feedback, and testing.
o Find a bug in some open source software? Try to reproduce it with
the latest version of the software and do some web searching to see
if it is already known/fixed. If not, report it with full details
about how to reproduce it and the platform and software version of
the software you are running. It is even better if you can submit a
patch which fixes the problem.
o Join the relevant mailing lists for the project and help out new
users. Maybe you can write or translate some documentation, such as a
tutorial for using the product or a HOWTO for using it to solve a
common need.
o The Nmap Project does not accept financial donations, but many other
projects do. If some little project does exactly what you need and
saves you half a day of work or makes it into your regular-usage
arsenal of tools, consider kicking the author back $5 or $10. Not
only will it help defray costs of the project, but it shows the author
that users really appreciate his/her work and thus makes a newer
version more likely. Similarly, if you see an ad on the project
web site that interests you, click on it and spend a couple minutes
checking the product out.
o Spread the word! Commercial software houses pay to spread the word
about their product in magazines, web sites, TV, conferences, etc.
Open source projects such as Nmap can't. So if you find a project
useful, don't hesitate to post a link on your web page and mention it
(including the URL) on mailing list, newsgroup, and web forum posts.