Next | Query returned 45 messages, browsing 11 to 20 | Previous

History of commit frequency

CVS Commit History:


   2006-02-12 18:24:23 by Lubomir Sedlacik | Files touched by this commit (8)
Log message:
Updated to version 4.01:

Changes:

- Fixed a bug that would cause bogus reverse-DNS resolution on
  big-endian machines.  Thanks to Doug Hoyte, Seth Miller, Tony Doan,
  and Andrew Lutomirsky for helping to debug and patch the problem.

- Fixed an important memory leak in the raw ethernet sending system.
  Thanks to Ganga Bhavani (GBhavani(a)everdreamcorp.com) for
  identifying the bug and sending a patch.

- Fixed --system-dns option so that --system_dns works too.  Error
  messages were changed to reflect the former (preferred) name.
  Thanks to Sean Swift (sean.swift(a)bradford.gov.uk) and Peter
  VanEeckhoutte (Peter.VanEeckhoutte(a)saraleefoodseurope.com) for
  reporting the problem.

- Fixed a crash which would report this message:
  "NmapOutputTable.cc:143: void NmapOutputTable::addItem(unsigned int,
  unsigned int, bool, const char*, int): Assertion `row < numRows'
  failed."  Thanks to Jake Schneider (Jake.Schneider(a)dynetics.com)
  for reporting and helping to debug the problem.

- Whenever Nmap sends packets with the SYN bit set (except for OS
  detection), it now includes the maximum segment size (MSS) tcp
  option with a value of 1460.  This makes it stand out less as almost
  all hosts set at least this option.  Thanks to Juergen Schmidt
  (ju(a)heisec.de) for the suggestion.

- Applied a patch for a Windows interface reading bug in the aDNS
  subsystem from Doug Hoyte.

- Minor changes to recognize DragonFly BSD in configure
  scripts. Thanks to Joerg Sonnenberger (joerg(a)britannica.bec.de)
  for sending the patch.

- Fixed a minor bug in an error message starting with "eth_send of ARP
  packet returned".  Thanks to J.W. Hoogervorst
  (J.W.Hoogervorst(a)uva.nl) for finding this.
   2006-02-06 00:11:50 by Joerg Sonnenberger | Files touched by this commit (4082)
Log message:
Recursive revision bump / recommended bump for gettext ABI change.
   2006-01-31 23:21:37 by Lubomir Sedlacik | Files touched by this commit (1)
Log message:
Sync with nmap 4.00
   2006-01-24 08:33:02 by Thomas Klausner | Files touched by this commit (1164)
Log message:
Bump BUILDLINK_RECOMMENDED of textproc/expat to 2.0.0 because
of the shlib major bump.
PKGREVISION++ for the dependencies.
   2005-12-08 23:00:22 by Lubomir Sedlacik | Files touched by this commit (1)
Log message:
Sync with nmap 3.95

Changes:

- Updated NmapFE to build with GTK2 rather than obsolete GTK1.  Thanks
  to Mike Basinger (dbasinge(a)speakeasy.net) and Meethune Bhowmick
  (meethune(a)oss-institute.org) for developing the
  patch.  I made some changes as well to prevent compilation warnings.
  The new NmapFE now seems to work, though I do get "Gtk-CRITICAL"
  assertion error messages.  If someone has time to look into this, that
  would be appreciated.
   2005-09-15 16:12:19 by Lubomir Sedlacik | Files touched by this commit (5) | Package updated
Log message:
Update to version 3.93

Changes:

3.93:
=====

o Modified Libpcap's configure.ac to compile with the
  --fno-strict-aliasing option if gcc 4.X is used.  This prevents when
  said compiler is used.  This was done for Nmap in 3.90, but is
  apparently needed for pcap too.  Thanks to Craig Humphrey
  (Craig.Humphrey(a)chapmantripp.com) for the discovery.

o Patched libdnet to include sys/uio.h in src/tun-linux.c.  This is
  apparently necessary on some Glibc 2.1 systems.  Thanks to Rob Foehl
  (rwf(a)loonybin.net) for the patch.

o Fixed a crash which could occur when a ridiculously short
  --host_timeout was specified on Windows (or on UNIX if --send_eth was
  specified).  Nmap now also prints a warning if you specify a
  host_timeout of less than 1 second.  Thanks to Ole Morten Grodaas
  (grodaas(a)gmail.com) for discovering the problem.

3.91:
=====

o Fixed a crash on Windows when you -P0 scan an unused IP on a local
  network (or a range that contains unused IPs).  This could also
  happen on UNIX if you specified the new --send_eth option.  Thanks
  to Jim Carras (JFCECL(a)engr.psu.edu) for reporting the problem.

o Fixed compilation on OpenBSD by applying a patch from Okan Demirmen
  (okan(a)demirmen.com), who maintains Nmap in the OpenBSD Ports
  collection.

o Updated nmap-mac-prefixes to include OUIs assigned by the IEEE since
  April.

o Updated the included libpcre (used for version detection) from
  version 4.3 to 6.3.  A libpcre securty issue was fixed in 6.3, but
  that issue never affected Nmap.

o Updated the included libpcap from 0.8.3 to 0.9.3.  I also changed
  the directory name in the Nmap tarball from libpcap-possiblymodified
  to just libpcap.  As usual, the modifications are described in the
  NMAP_MODIFICATIONS in that directory.

3.90:
=====

o Added the ability for Nmap to send and properly route raw ethernet
  packets cointaining IP datagrams rather than always sending the
  packets via raw sockets. This is particularly useful for Windows,
  since Microsoft has disabled raw socket support in XP for no good
  reason.  Nmap tries to choose the best method at runtime based on
  platform, though you can override it with the new --send_eth and
  --send_ip options.

o Added ARP scanning (-PR). Nmap can now send raw ethernet ARP requests to
  determine whether hosts on a LAN are up, rather than relying on
  higher-level IP packets (which can only be sent after a successful
  ARP request and reply anyway).  This is much faster and more
  reliable (not subject to IP-level firewalling) than IP-based probes.
  The downside is that it only works when the target machine is on the
  same LAN as the scanning machine.  It is now used automatically for
  any hosts that are detected to be on a local ethernet network,
  unless --send_ip was specified.  Example usage: nmap -sP -PR
  192.168.0.0/16 .

o Added the --spoof_mac option, which asks Nmap to use the given MAC
  address for all of the raw ethernet frames it sends.  The MAC given
  can take several formats.  If it is simply the string "0", Nmap
  chooses a completely random MAC for the session.  If the given
  string is an even number of hex digits (with the pairs optionally
  separated by a colon), Nmap will use those as the MAC.  If less than
  12 hex digits are provided, Nmap fills in the remainder of the 6
  bytes with random values.  If the argument isn't a 0 or hex string,
  Nmap looks through the nmap-mac-prefixes to find a vendor name
  containing the given string (it is case insensitive).  If a match is
  found, Nmap uses the vendor's OUI (3-byte prefix) and fills out the
  remaining 3 bytes randomly.  Valid --spoof_mac argument examples are
  "Apple", "0", "01:02:03:04:05:06", \ 
"deadbeefcafe", "0020F2", and
  "Cisco".

o Applied an enormous nmap-service-probes (version detection) update
  from SoC student Doug Hoyte (doug(a)hcsw.org).  Version 3.81 had
  1064 match lines covering 195 service protocols.  Now we have 2865
  match lines covering 359 protocols!  So the database size has nearly
  tripled!  This should make your -sV scans quicker and more
  accurate.  Thanks also go to the (literally) thousands of you who
  submitted service fingerprints.  Keep them coming!

o Applied a massive OS fingerprint update from Zhao Lei
  (zhaolei(a)gmail.com).  About 350 fingerprints were added, and many
  more were updated.  Notable additions include Mac OS X 10.4 (Tiger),
  OpenBSD 3.7, FreeBSD 5.4, Windows Server 2003 SP1, Sony AIBO (along
  with a new "robotic pet" device type category), the latest Linux 2.6
  kernels Cisco routers with IOS 12.4, a ton of VoIP devices, Tru64
  UNIX 5.1B, new Fortinet firewalls, AIX 5.3, NetBSD 2.0, Nokia IPSO
  3.8.X, and Solaris 10.  Of course there are also tons of new
  broadband routers, printers, WAPs and pretty much any other device
  you can coax an ethernet cable (or wireless card) into!

o Added 'leet ASCII art to the confugrator!  ARTIST NOTE: If you think
  the ASCII art sucks, feel free to send me alternatives.  Note that
  only people compiling the UNIX source code get this. (ASCII artist
  unknown).

o Added OS, device type, and hostname detection using the service
  detection framework.  Many services print a hostname, which may be
  different than DNS.  The services often give more away as well.  If
  Nmap detects IIS, it reports an OS family of "Windows".  If it sees
  HP JetDirect telnetd, it reports a device type of "printer".  Rather
  than try to combine TCP/IP stack fingerprinting and service OS
  fingerprinting, they are both printed.  After all, they could
  legitimately be different.  An IP that gives a stack fingerprint
  match of "Linksys WRT54G broadband router" and a service fingerprint
  of Windows based on Kazaa running is likely a common NAT setup rather
  than an Nmap mistake.

o Nmap on Windows now compiles/links with the new WinPcap 3.1
  header/lib files. So please upgrade to 3.1 from
  http://www.winpcap.org before installing this version of Nmap.
  While older versions may still work, they aren't supported with Nmap.

o The official Nmap RPM files are now compiled statically for better
  compatability with other systems.  X86_64 (AMD Athlon64/Opteron)
  binaries are now available in addition to the standard i386.  NmapFE
  RPMs are no longer distributed by Insecure.Org.

o Nmap distribution signing has changed. Release files are now signed
  with a new Nmap Project GPG key (KeyID 6B9355D0).  Fyodor has also
  generated a new key for himself (KeyID 33599B5F).  The Nmap key has
  been signed by Fyodor's new key, which has been signed by Fyodor's
  old key so that you know they are legit.  The new keys are available
  at http://www.insecure.org/nmap/data/nmap_gpgkeys.txt , as
  docs/nmap_gpgkeys.txt in the Nmap source tarball, and on the public
  keyserver network.  Here are the fingerprints:
    pub  1024D/33599B5F 2005-04-24
         Key fingerprint = BB61 D057 C0D7 DCEF E730  996C 1AF6 EC50 3359 9B5F
    uid  Fyodor <fyodor@insecure.org>
    sub  2048g/D3C2241C 2005-04-24

    pub  1024D/6B9355D0 2005-04-24
         Key fingerprint = 436D 66AB 9A79 8425 FDA0  E3F8 01AF 9F03 6B93 55D0
    uid  Nmap Project Signing Key (http://www.insecure.org/)
    sub  2048g/A50A6A94 2005-04-24

o Fixed a crash problem related to non-portable varargs (vsnprintf)
  usage. Reports of this crash came from Alan William Somers
  (somers(a)its.caltech.edu) and Christophe (chris.branch(a)gmx.de).
  This patch was prevalent on Linux boxes running an Opteron/Athlon64
  CPU in 64-bit mode.

o Fixed crash when Nmap is compiled using gcc 4.X by adding the
  --fno-strict-aliasing option when that compiler is detected.  Thanks
  to Greg Darke (starstuff(a)optusnet.com.au) for discovering that
  this option fixes (hides) the problem and to Duilio J. Protti
  (dprotti(a)flowgate.net) for writing the configure patch to detect
  gcc 4 and add the option.  A better fix is to identify and rewrite
  lines that violate C99 alias rules, and we are looking into that.

o Added "rarity" feature to Nmap version detection.  This causes
  obscure probes to be skipped when they are unlikely to help.  Each
  probe now has a "rarity" value.  Probes that detect dozens of
  services such as GenericLines and GetRequest have rarity values of
  1, while the WWWOFFLEctrlstat and mydoom probes have a rarity of 9.
  When interrogating a port, Nmap always tries probes registered to
  that port number.  So even WWWOFFLEctrlstat will be tried against
  port 8081 and mydoom will be tried against open ports between 3127
  and 3198.  If none of the registered ports find a match, Nmap tries
  probes that have a rarity less than or equal to its current
  intensity level.  The intensity level defaults to 7 (so that most of
  the probes are done).  You can set the intensity level with the new
  --version_intensity option.  Alternatively, you can just use
  --version_light or --version_all which set the intensity to 2 (only
  try the most important probes and ones registered to the port
  number) and 9 (try all probes), respectively.  --version_light is
  much faster than default version detection, but also a bit less
  likely to find a match.  This feature was designed and implemented
  by Doug Hoyte (doug(a)hcsw.org).

o Added a "fallback" feature to the nmap-service-probes database.
  This allows a probe to "inherit" match lines from other probes.  It
  is currently only used for the HTTPOptions, RTSPRequest, and
  SSLSessionReq probes to inherit all of the match lines from
  GetRequest.  Some servers don't respond to the Nmap GetRequest (for
  example because it doesn't include a Host: line) but they do respond
  to some of those other 3 probes in ways that GetRequest match lines
  are general enough to match.  The fallback construct allows us to
  benefit from these matches without repeating hundreds of signatures
  in the file.  This is another feature designed and implemented
  by Doug Hoyte (doug(a)hcsw.org).

o Fixed crash with certain --excludefile or
  --exclude arguments.  Thanks to Kurt Grutzmacher
  (grutz(a)jingojango.net) and pijn trein (ptrein(a)gmail.com) for
  reporting the problem, and to Duilio J. Protti
  (dprotti(a)flowgate.net) for debugging the issue and sending the
  patch.

o Updated random scan (ip_is_reserved()) to reflect the latest IANA
  assignments.  This patch was sent in by Felix Groebert
  (felix(a)groebert.org).

o Included new Russian man page translation by
  locco_bozi(a)Safe-mail.net

o Applied pach from Steve Martin (smartin(a)stillsecure.com) which
  standardizes many OS names and corrects typos in nmap-os-fingerprints.

o Fixed a crash found during certain UDP version scans.  The crash was
  discovered and reported by Ron (iago(a)valhallalegends.com) and fixed
  by Doug Hoyte (doug(a)hcsw.com).

o Added --iflist argument which prints a list of system interfaces and
  routes detected by Nmap.

o Fixed a protocol scan (-sO) problem which led to the error message:
  "Error compiling our pcap filter: syntax error".  Thanks to Michel
  Arboi (michel(a)arboi.fr.eu.org) for reporting the problem.

o Fixed an Nmap version detection crash on Windows which led to the
  error message "Unexpected error in NSE_TYPE_READ callback.  Error
  code: 10053 (Unknown error)".  Thanks to Srivatsan
  (srivatsanp(a)adventnet.com) for reporting the problem.

o Fixed some misspellings in docs/nmap.xml reported by Tom Sellers
  (TSellers(a)trustmark.com).

o Applied some changes from  Gisle Vanem (giva(a)bgnett.no) to make
  Nmap compile with Cygwin.

o XML "osmatch" element now has a "line" attribute giving the
  reference fingerprint line number in nmap-os-fingerprints.

o Added a distcc probes and a bunch of smtp matches from Dirk Mueller
  (mueller(a)kde.org) to nmap-service-probes.  Also added AFS version
  probe and matches from Lionel Cons (lionel.cons(a)cern.ch).  And
  even more probes and matches from Martin Macok
  (martin.macok(a)underground.cz)

o Fixed a problem where Nmap compilation would use header files from
  the libpcap included with Nmap even when it was linking to a system
  libpcap.  Thanks to Solar Designer (solar(a)openwall.com) and Okan
  Demirmen (okan(a)demirmen.com) for reporting the problem.

o Added configure option --with-libpcap=included to tell Nmap to use
  the version of libpcap it ships with rather than any that may already be
  installed on the system.  You can still use --with-libpcap=[dir] to
  specify that a system libpcap be installed rather than the shipped
  one.  By default, Nmap looks at both and decides which one is likely
  to work best.  If you are having problems on Solaris, try
  --with-libpcap=included .

o Changed the --no-stylesheet option to --no_stylesheet to be
  consistant with all of the other Nmap options.  Though I'm starting to
  like hyphens a bit better than underscores and may change all of the
  options to use hyphens instad at some point.

o Added "Exclude" directive to nmap-service-probes grammar which
  causes version detection to skip listed ports.  This is helpful for
  ports such as 9100.  Some printers simply print any data sent to
  that port, leading to pages of HTTP requests, SMB queries, X Windows
  probes, etc.  If you really want to scan all ports, specify
  --allports.  This patch came from Doug Hoyte (doug(a)hcsw.org).

o Added a stripped-down and heavily modified version of Dug Song's
  libdnet networking library (v. 1.10).  This helps with the new raw
  ethernet features.  My (extensive) changes are described in
  libdnet-stripped/NMAP_MODIFICATIONS

o Removed WinIP library (and all Windows raw sockets code) since MS
  has gone and broken raw sockets.  Maybe packet receipt via raw
  sockets will come back at some point.  As part of this removal, the
  Windows-specific --win_help, --win_list_interfaces, --win_norawsock,
  --win_forcerawsock, --win_nopcap, --win_nt4route, --win_noiphlpapi,
  and --win_trace options have been removed.

o Chagned the interesting ports array from a 65K-member array of
  pointers into an STL list.  This noticeable reduces memory usage in
  some cases, and should also give a slight runtime performance
  boost. This patch was written by Paul Tarjan (ptarjan(a)gmail.com).

o Removed the BSDFIX/BSDUFIX macros.  The underlying bug in
  FreeBSD/NetBSD is still there though.  When an IP packet is sent
  through a raw socket, these platforms require the total length and
  fragmentation offset fields of an IP packet to be in host byte order
  rather than network byte order, even though all the other fields
  must be in NBO.  I believe that OpenBSD fixed this a while back.
  Other platforms, such as Linux, Solaris, Mac OS X, and Windows take
  all of the fields in network byte order.  While I removed the macro,
  I still do the munging where required so that Nmap still works on
  FreeBSD.

o Integrated many nmap-service-probes changes from Bo Jiang
  (jiangbo(a)brandeis.edu)

o Added a bunch of RPC numbers from nmap-rpc maintainer Eilon Gishri
  (eilon(a)aristo.tau.ac.il)

o Added some new RPC services to nmap-rpc thanks to a patch from
  vlad902 (vlad902(a)gmail.com).

o Fixed a bug where Nmap would quit on Windows whenever it encountered
  a raw scan of localhost (including the local ethernet interface
  address), even when that was just one address out of a whole network
  being scanned.  Now Nmap just warns that it is skipping raw scans when
  it encounters the local IP, but continues on to scan the rest of the
  network.  Raw scans do not currently work against local IP addresses
  because Winpcap doesn't support reading/writing localhost interfaces
  due to limitations of Windows.

o The OS fingerprint is now provided in XML output if debugging is
  enabled (-d) or verbosity is at least 2 (-v -v).  This patch was
  sent by Okan Demirmen (okan(a)demirmen.com)

o Fixed the way tcp connect scan (-sT) respons to ICMP network
  unreachable responses (patch by Richard Moore
  (rich(a)westpoint.ltd.uk).

o Update random host scan (-iR) to support the latest IANA-allocated
  ranges, thanks to patch by Chad Loder (cloder(a)loder.us).

o Updated GNU shtool (a helper program used during 'make install' to
  version 2.0.2, which fixes a predictable temporary filename
  weakness discovered by Eric Raymond.

o Removed addport element from XML DTD, since it is no longer used
  (sugested by Lionel Cons (lionel.cons(a)cern.ch)

o Added new --privileged command-line option and NMAP_PRIVILEGED
  environmental variable.  Either of these tell Nmap to assume that
  the user has full privileges to execute raw packet scans, OS
  detection and the like.  This can be useful when Linux kernel
  capabilities or other systems are used that allow non-root users to
  perform raw packet or ethernet frame manipulation.  Without this
  flag or variable set, Nmap bails on UNIX if geteuid() is
  nonzero.

o Changed the RPM spec file so that if you define "static" to 1 (by
  passing --define "static 1" to rpmbuild), static binaries are built.

o Fixed Nmap compilation on Solaris x86 thanks to a patch from Simon
  Burr (simes(a)bpfh.net).

o ultra_scan() now sets pseudo-random ACK values (rather than 0) for
  any TCP scans in which the initial probe packet has the ACK flag set.
  This would be the ACK, Xmas, Maimon, and Window scans.

o Updated the Nmap version number, description, and similar fields
  that MS Visual Studio places in the binary.  This was done by editing
  mswin32/nmap.rc as suggested by Chris Paget (chrisp@ngssoftware.com)

o Fixed Nmap compilation on DragonFly BSD (and perhaps some other
  systems) by applying a short patch by Joerg Sonnenberger which omits
  the declaration of errno if it is a #define.

o Fixed an integer overflow that prevented Nmap from scanning
  2,147,483,648 hosts in one expression (e.g. 0.0.0.0/1).  Problem
  noted by Justin Cranford (jcranford(a)n-able.com).  While /1 scans
  are now possible, don't expect them to finish during your bathroom
  break.  No matter how constipated you are.

o Increased the buffer size allocated for fingerprints to prevent Nmap
  from running out and quitting (error message: "Assertion
  `servicefpalloc - servicefplen > 8' failed".  Thanks to Mike Hatz
  (mhatz(a)blackcat.com) for the report. [ Actually this was done in a
  previous version, but I forgot which one ]

o Changed from CVS to Subversion source control system (which
  rocks!). Neither repository is public (I'm paranoid because both CVS
  and SVN have had remotely exploitable security holes), so the main
  change users will see is that "Id" tags in file headers use the SVN
  format for version numbering and such.
   2005-06-17 05:50:45 by Johnny C. Lam | Files touched by this commit (387)
Log message:
Create directories before installing files into them.
   2005-04-11 23:48:17 by Todd Vierling | Files touched by this commit (3539)
Log message:
Remove USE_BUILDLINK3 and NO_BUILDLINK; these are no longer used.
   2005-02-09 14:58:41 by Lubomir Sedlacik | Files touched by this commit (3) | Package updated
Log message:
Update to version 3.81

Changes:

- Nmap now prints a warning message on Windows if Winpcap is not found
  (it then reverts to raw sockets mode if available, as usual).
- documentation fixes and updates.
   2005-02-06 22:56:11 by Lubomir Sedlacik | Files touched by this commit (4) | Package updated
Log message:
Updated to version 3.80

Changes:

- Nmap now ships with and installs (in the same directory as other
  data files such as nmap-os-fingerprints) an XSL stylesheet for
  rendering the XML output as HTML.  This stylesheet was written by
  Benjamin Erb ( see http://www.benjamin-erb.de/nmap/ for examples).
  It supports tables, version detection, color-coded port states, and
  more.  The XML output has been augmented to include an
  xml-stylesheet directive pointing to nmap.xsl on the local
  filesystem.  You can point to a different XSL file by providing the
  filename or URL to the new --stylesheet argument.  Omit the
  xml-stylesheet directive entirely by specifying --no-stylesheet.
  The XML to HTML conversion can be done with an XSLT processor such
  as Saxon, Sablot, or Xalan, but modern browsers can do this on the
  fly -- simply load the XML output file in IE or Firefox.  Some
  features don't currently work with Firefox's on-the-fly rendering.
  Perhaps some Mozilla wizard can fix that in either the XSL or the
  browser itself.  I hate having things work better in IE :).  It is
  often more convenient to have the stylesheet loaded from a URL
  rather than the local filesystem, allowing the XML to be rendered on
  any machine regardless of whether/where the XSL is installed.  For
  privacy reasons (avoid loading of an external URL when you view
  results), Nmap uses the local filesystem by default.  If you would
  like the latest version of the stylesheet load from the web when
  rendering, specify
  --stylesheet http://www.insecure.org/nmap/data/nmap.xsl .

- Fixed fragmentation option (-f).  One -f now sets sends fragments
  with just 8 bytes after the IP header, while -ff sends 16 bytes to
  reduce the number of fragments needed.  You can specify your own
  fragmentation offset (must be a multiple of 8) with the new --mtu
  flag.  Don't also specify -f if you use --mtu.  Remember that some
  systems (such as Linux with connection tracking) will defragment in
  the kernel anyway -- so test first while sniffing with ethereal.
  These changes are from a patch by Martin Macok
  (martin.macok(a)underground.cz).

- Nmap now prints the number (and total bytes) of raw IP packets sent
  and received when it completes, if verbose mode (-v) is enabled.  The
  report looks like:
  Nmap finished: 256 IP addresses (3 hosts up) scanned in 30.632 seconds
                 Raw packets sent: 7727 (303KB) | Rcvd: 6944 (304KB)

- Fixed (I hope) an error which would cause the Windows version of
  Nmap to abort under some circumstances with the error message
  "Unexpected error in NSE_TYPE_READ callback.  Error code: 10053
  (Unknown error)".  Problem reported by "Tony Golding"
  (biz(a)tonygolding.com).

- Added new "closed|filtered" state.  This is used for Idlescan, since
  that scan method can't distinguish between those two states.  Nmap
  previously just used "closed", but this is more accurate.

- Null, FIN, Maimon, and Xmas scans now mark ports as "open|filtered"
  instead of "open" when they fail to receive any response from the
  target port.  After all, it could just as easily be filtered as open.
  This is the same change that was made to UDP scan in 3.70.  Also as
  with UDP scan, adding version detection (-sV) will change the state
  from open|filtered to open if it confirms that they really are open.

- Fixed a bug in ACK scan that could cause Nmap to crash with the
  message "Unexpected port state: 6" in some cases.  Thanks to Glyn
  Geoghegan (glyng(a)corsaire.com) for reporting the problem.

- Change IP protocol scan (-sO) so that a response from the target
  host in any protocol at all will prove that protocol is open.  As
  before, no response means "open|filtered", an ICMP protocol
  unreachable means "closed", and most other ICMP error messages mean
  "filtered".

- Patched a Winpcap issue that prevented read timeouts from being
  honored on Solaris (thus slowing down Nmap substantially).  The
  problem report and patch were sent in by Ben Harris
  (bjh21(a)cam.ac.uk).

- Changed IP protocol scan (-sO) so that it sends valid ICMP, TCP, and
  UDP headers when scanning protocols 1, 6, and 17, respectively.  An
  empty IP header is still sent for all other protocols.  This should
  prevent the error messages such as "sendto in send_ip_packet:
  sendto(3, packet, 20, 0, 192.31.33.7, 16) => Operation not
  permitted" that Linux (and perhaps other systems) would give when
  they try to interpret the raw packet.  This also makes it more
  likely that these protocols will elicit a response, proving that the
  protocol is "open".

- The windows build now uses header and static library files from
  Winpcap 3.1Beta4.  It also now prints out the DLL version you are
  using when run with -d.  I would recommend upgrading to 3.1Beta4 if
  you have an older Winpcap installed.

- Added an NTP probe and matches to the version detection database
  (nmap-service-probes) thanks to a submission from Martin
  Macok (martin.macok@underground.cz).

- Applied several Nmap service detection database updates sent in by
  Martin Macok (martin.macok(a)underground.cz).

Next | Query returned 45 messages, browsing 11 to 20 | Previous