Nmap 2.54BETA25 released; Censorship

[Fyodor <fyodor () insecure org>]

Hello everyone,

I am happy to announce that Nmap 2.54BETA25 is now available.  I
finally sat down and made some massive updates to the
nmap-os-fingerprints file so that it can detect the newest operating
systems.  This includes the latest Linux 2.4.X series, FreeBSD 4.3,
OpenBSD 2.9, Cisco 12.2.1, MacOS X, and many more.

One nice thing about OS fingerprint submission processing is that it
gives me an excuse to scan hundreds of machines (including a lot of
obscure systems!).  This helped me optimize some of the algorithms and
to locate several problems.  I also upgraded Libpcap to version 0.6.2
(with some modifications).

It has come to our attention that the Kingdom of Saudi Arabia has
banned Insecure.Org by filtering the website at their central web
proxy (which all citizens must use).  Those assholes!

In response, we have no choice but to organize a secret opposition
movement that will rise up and overthrow King Fahd Bin Abd Al-Aziz Al
Sau and install a constitutional Democracy.  We must restore the
freedome for all people to surf the web for porn and network security
techniques!!!

While we are setting up our army (this may take a while since we have
no money or contacts), we urge people to hit Saudi Arabia where it
hurts!  All you have to do is avoid buying any more gas until they
unblock Insecure.Org :).  Also, no more tourist visits to Riyadh.
There are plenty of other hot, barren deserts in the World you can go
to instead.

And while we are waiting for the gas boycott and the planned coup to
bring the Royal Family to their knees, we are also promoting the
following responses:

o SA citizens (and anyone else I guess) can request that sites be
  unblocked by filling out the form at
  http://cgi.isu.net.sa/unblockrequest/ .

o Anyone behind a filtering proxy can try accessing Insecure.Org
  through this "backdoor" URL: http://amy.lnxnet.net .  That worked
  for one .sa resident I talked to today.

Now, back to Nmap 2.54BETA25.  Here are the CHANGELOG entries:

-- Added a whole bunch of new OS fingerprints (and adjustments)
   ranging from big important ones (Linux 2.4.X, OpenBSD 2.9, FreeBSD
   4.3, Cisco 12.2.1, MacOS X, etc) to some that are more obscure (
   such as Apple Color LaserWriter 12/660 PS and VirtualAccess
   LinxpeedPro 120 )

-- Upgraded Libpcap to the latest version (0.6.2) from tcpdump.org.  I
   modified the build system slightly by shipping pre-generated
   scanner.c/grammer.c (instead of using lex/yacc) and I also upgraded
   to the newest config.sub/config.guess .

-- Fixed some issues with the new Libpcap under Linux (patches will be
   sent to the developers).

-- Added "All zeros" IP.ID sequence classification to account for the
   new Linux 2.4 scheme which seems to use 0 whenever the DF bit is
   set (probably a good idea).

-- Tweaked TCP Timestamp and IP.ID sequence classification algorithms

For those of you running Linux/x86 w/a recent version of rpm
(www.rpm.org), you can install/upgrade to the newest version of
nmap/nmapfe with these commands:

rpm -vhU (nmap url)
where (nmap url) is one (or both) of these:

http://www.insecure.org/nmap/dist/nmap-2.54BETA25-1.i386.rpm
http://www.insecure.org/nmap/dist/nmap-frontend-0.2.54BETA25-1.i386.rpm

source tarballs and source RPMs are always available at:
http://www.insecure.org/nmap/#download

For the more paranoid (smart) members of the list, here are the md5
hashes:

8f833c75b3002af8b0af55a9eff03927  nmap-2.54BETA25-1.i386.rpm
689ba06e786e3b7aabdca54b48292f04  nmap-2.54BETA25-1.src.rpm
62442768fc3b2ed9856241baa2281dc8  nmap-2.54BETA25.tgz
bf3e73d13b792dd67c405dca60817b62  nmap-frontend-0.2.54BETA25-1.i386.rpm

[ Yes, I should really GPG sign this email too ]

Please let me know if you find any problems.

Cheers,
Fyodor


--------------------------------------------------
For help using this (nmap-hackers) mailing list, send a blank email to 
nmap-hackers-help () insecure org . List run by ezmlm-idx (www.ezmlm.org).