Nmap Announce mailing list archives
Nmap 3.28 Released!
From: Fyodor <fyodor () insecure org>
Date: Sat, 14 Jun 2003 19:26:49 -0700
-----BEGIN PGP SIGNED MESSAGE-----

Hello everyone,

I am pleased to announce the release of Nmap 3.28! This version includes many changes, most of which are bugfixes for runtime or compilation problems. Some are quite serious (cause Nmap to print an error and crash). Thanks to everyone who sent bug reports, and even a few who sent actual patches! Sometimes fixes for one platform break something else, so please let me know if you experience problems. There is also a significant upgrade to NmapFE to include many of the newer Nmap options. As usual for "stable" releases, new Windows .zip binaries are available.

Here are the new CHANGELOG entries:

o Fixed (I hope) an issue that would cause Nmap to print "Serious time computation problem in adjust_timeout ..." and quit. The ultimate cause was demonstrated by this --packet_trace snippet that Russel Miller (rmiller(a)duskglow.com) sent me:

    SENT (0.0500s) ICMP 0.0.0.0 > 127.0.0.1 Echo request (type=8/code=0) ...
    RCVD (0.0450s) ICMP 127.0.0.1 > 127.0.0.1 Echo reply (type=0/code=0) ...

  As you can see, the ping reply appears to come BEFORE the request was sent(!). This sort of thing happens on at least Linux and Windows. The send time is obtained from gettimeofday(NULL), while the receive time comes from the libpcap packet header. If anyone knows why this occurs, or (even better) knows a good way to fix it, let me know. For now, I am allowing the response to come up to .05s "before" the request. That is gross.

o For years, Nmap has added -I/usr/local/include and -L/usr/local/lib to the compiler line to grab local libraries. I have removed this behavior by default, and added a '--with_localdirs' configure option that adds it back. If Nmap fails to compile now without the above option, please let me know. I can change the default back if this change causes more problems than it solves.
  People (such as certain ports tree packagers) who know they don't want /usr/local should specify --without_localdirs rather than relying on that always being the default.

o Fixed (I hope) a problem that led to the error message "Assertion `tqi->sockets[probe_port_num][seq] == -1' failed".

o Fixed a problem that would cause Nmap on Windows to send ICMP ping packets from 0.0.0.0 instead of the appropriate source IP. Thanks to Yeti (boxed(a)blueyonder.co.uk) for the report.

o Applied some changes from Solar Designer (solar(a)openwall.com) which fix some typos and also suggest safer /tmp/ behavior in the HACKING file and Lithuanian man page. These changes are for the Nmap package of his Openwall GNU/*/Linux (Owl) distribution. [ http://www.openwall.com/Owl/ ]

o For Solaris, I now define NET_SIZE_T to size_t rather than socklen_t in nmap.h. Isn't that exciting?!!! Hopefully this will help compilation on Solaris 2.6 (and perhaps earlier). If any Solaris users notice new compilation problems, please let me know. Thanks to Al Smith (Al.Smith(a)aeschi.ch.eu.org) for reporting the issue.

o Removed an errant getopt() prototype in nbase/getopt.h which should hopefully improve compilation on certain Solaris boxes and BSD variants.

o SCO operating systems are no longer supported due to their recent (and absurd) attacks against Linux and IBM. Bug reports relating to UnixWare will be ignored, or possibly even laughed at derisively. Note that I have no reason to believe anyone has ever used Nmap on SCO systems. Unixware and OpenServer suck.

o Fixed a problem with small --max_parallelism values when non-root ping scanning that would cause Nmap to say "sendconnecttcpquery: Could not scavenge a free socket!" and quit. Problem was reported by Justin A (justin(a)bouncybouncy.net) as Debian Bug #195463.

o Applied (with a few modifications) a large NmapFE patch from Peter Marschall (peter(a)adpm.de). This patch adds a bunch more scan/ping options and cleans up some redundant NmapFE code.

o Included new Russian man page translation by Alex Volkov (alex(a)cherepovets-city.ru)

o Changed many single-quotes (') into double quotes (") in the man page due to a disagreement over whether to represent them as (') or (\') in nroff.

o Included --packet_trace support for Explicit Congestion Notification (RFC 2481/3168) flags thanks to a patch sent in by Maik Pfeil (root(a)bundesspionageministerium.de)

o Included --packet_trace support for a few (unusual) ICMP types in case Nmap receives them. The patch was also sent by Maik Pfeil.

o Fixed a problem with redirecting XML/Grep/Machine output to stdout on Windows (e.g. -oX - ). Problem was reported by Wei Jiang (Wei.Jiang(a)bindview.com)

o Made "-g -Wall" compiler flags dependent on availability of gcc/g++ since some other compilers do not support them.

o I spam-protected the email addresses in this file. I fervently hope that within 5 years we will be able to defeat this scourge through technology and laws, so that we may again list our email addresses openly without fear of abuse by criminal spammers. Oh, and it would be a shame if the spiders went through this whole page and only found uce () ftc gov, rhundt () fcc gov, jquello () fcc gov, sness () fcc gov, president () whitehouse gov, and rchong () fcc gov.

For those of you running Linux/x86 w/a recent version of rpm (www.rpm.org), you can install/upgrade to the newest version of nmap/nmapfe by executing these commands as root:

    rpm -vhU (nmap url)

where (nmap url) is one (or both) of these:

    http://download.insecure.org/nmap/dist/nmap-3.28-1.i386.rpm
    http://download.insecure.org/nmap/dist/nmap-frontend-3.28-1.i386.rpm

For the rest of you, source tarballs and source RPMs are always available at: http://www.insecure.org/nmap/nmap_download.html . That page also notes sources of binary packages for common operating systems.

For the more paranoid (smart) members of the list, here are the md5 hashes:

    7267a02878c11b4e2e7ad68887bca1f1 nmap-3.28-1.i386.rpm
    07e691e8e26a009d4cc9d17270072406 nmap-3.28-1.src.rpm
    ac46d6d7a5f7eec8d0281f656c23f2b4 nmap-3.28.tar.bz2
    de432d4dd2c2ab7bc0823496faa2a72f nmap-3.28.tgz
    8a8d145fa1577f7aedb619e15b17f161 nmap-3.28-win32.zip
    544c3b2d5c90582da03156d4eceb70fc nmap-frontend-3.28-1.i386.rpm

These release notes should be signed with my PGP key, which is available at http://www.insecure.org/fyodor_gpgkey.txt . The key fingerprint is: 97 2F 93 AB 9C B0 09 80 D9 51 40 6B B9 BC E1 7E

Cheers,
Fyodor

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.4 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iQCVAwUBPuvZHs4dPqJTWH2VAQGC0QP/cfUhdxrMYhhAXVRRZvqh35FoX+nRHmeg
Zom/LrewBgwQYfHHF+NXhZfNcdk+IpgQrgfpDrPWyjhUxXYHymC38q4/OeVqnR4b
AvwBfSF4Mp6vaGqk20tLd1JZH+zxsz2pELFILmw36sxjX55b1hFRxVE+jhBYoaqp
EMej0S03ZYY=
=pWsc
-----END PGP SIGNATURE-----

--------------------------------------------------
For help using this (nmap-hackers) mailing list, send a blank email to nmap-hackers-help () insecure org . List run by ezmlm-idx (www.ezmlm.org).
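
The tolerance described in the first CHANGELOG entry, as an added example that is not part of the original message and not Nmap's own code: the send time and the receive time come from two different clocks, so the difference can be negative. `rtt_sample_us` and its status names are hypothetical, and counting a tolerated early reply as a zero round-trip time is an assumption about how that case is handled.

```c
#include <stdio.h>
#include <sys/time.h>

/* Tolerance from the changelog entry: a reply may appear up to 0.05 s early. */
#define EARLY_REPLY_TOLERANCE_US 50000LL

enum rtt_status { RTT_OK, RTT_CLAMPED, RTT_REJECTED };

/* Signed (rcvd - sent) in microseconds; negative when the clocks disagree. */
static long long timeval_diff_us(const struct timeval *rcvd,
                                 const struct timeval *sent)
{
    return ((long long)rcvd->tv_sec - (long long)sent->tv_sec) * 1000000LL
         + ((long long)rcvd->tv_usec - (long long)sent->tv_usec);
}

/*
 * Hypothetical helper, not Nmap's adjust_timeout(). "sent" stands for the
 * gettimeofday() stamp taken when the probe left, "rcvd" for the timestamp
 * in the capture header of the reply.
 */
enum rtt_status rtt_sample_us(const struct timeval *sent,
                              const struct timeval *rcvd, long long *rtt_us)
{
    long long delta = timeval_diff_us(rcvd, sent);

    *rtt_us = delta > 0 ? delta : 0;
    if (delta >= 0)
        return RTT_OK;
    if (delta >= -EARLY_REPLY_TOLERANCE_US)
        return RTT_CLAMPED;   /* assumption: count the early reply as RTT 0 */
    return RTT_REJECTED;      /* too early to be this probe's reply */
}

int main(void)
{
    /* Constructed from the trace in the message: SENT 0.0500s, RCVD 0.0450s. */
    struct timeval sent = { .tv_sec = 0, .tv_usec = 50000 };
    struct timeval rcvd = { .tv_sec = 0, .tv_usec = 45000 };
    long long rtt;
    enum rtt_status st = rtt_sample_us(&sent, &rcvd, &rtt);

    printf("status=%d rtt_us=%lld\n", (int)st, rtt);
    return 0;
}
```
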