Nmap Announce mailing list archives

Nmap 3.50 Released; Europe Trip


From: Fyodor <fyodor () insecure org>
Date: Wed, 21 Jan 2004 14:55:59 -0800

Hello everyone,

Let me first wish you all a happy new year.  2003 was very successful
for the Nmap project (Service detection, Matrix Cameo, many internal
improvements, speed optimizations, etc.) and I hope and expect 2004 to
be even better.  Or maybe I'm just happy and optimistic because I have
a vacation coming up :).  I'm leaving Monday to present at the
IT-Defense conference in Ludwigsburg, Germany ( www.itdefense.de, but
I think they're fully booked).  Then I am going to wander around
exploring Europe until mid-February.  I did this in mid-2000 after the
OSDEM conference and had a splendid time meeting geeks all over the
region.  I stayed with a grad student in a Cambridge dorm, the
Netcraft crew in Bradford on Avon, a cute girl in Zurich, a
professional pen-tester in London, the hacker Kitetoa in Paris, and
more!  I'd love to meet some of you in this trip, too.  If you would
like to hang out, please drop me a line to introduce yourself and tell
me what city you are in.  If you have an extra sofa I could sleep on,
that is even better.

Now to get back on topic, I am pleased to release Nmap 3.50.  I
integrated *tons* of the OS and service fingerprints you have
submitted.  There are also a number of small fixes and patches.  Here
are the CHANGELOG entries:

o Integrated a ton of service fingerprints, increasing the number of
  signatures more than 50%.  It has now exceeded 1,000 for the first
  time, and represents 180 unique service protocols from acap, afp,
  and aim to xml-rpc, zebedee, and zebra.

o Implemented a huge OS fingerprint update.  The number of
  fingerprints has increased more than 13% to 1,121.  This is the first
  time it has exceeded 1000.  Notable updates include Linux 2.6.0, Mac
  OS X up to 10.3.2 (Panther), OpenBSD 3.4 (normal and pf "scrub all"),
  FreeBSD 5.2, the latest Windows Longhorn warez, and Cisco PIX 6.3.3.
  As usual, there are a ton of new consumer devices from ubiquitous
  D-Link, Linksys, and Netgear broadband routers to a number of new IP
  phones including the Cisco devices commonly used by Vonage.  Linksys
  has apparently gone special-purpose with some of their devices, such
  as their WGA54G "Wireless Game Adapter" and WPS54GU2 wireless print
  server.  A cute little MP3 player called the Rio Karma was submitted
  multiple times and I also received and integrated fingerprints for the
  Handspring Treo 600 (PalmOS).

o Applied some man page fixes from Eric S. Raymond
  (esr(a)snark.thyrsus.com).

o Added version scan information to grepable output between the last
  two '/' delimiters (that space was previously unused).  So the format
  is now "portnum/state/protocol/owner/servicename/rpcinfo/versioninfo"
  as in "53/open/tcp//domain//ISC Bind 9.2.1/" and
  "22/open/tcp//ssh//OpenSSH 3.5p1 (protocol 1.99)/".  Thanks to
  MadHat (madhat(a)unspecific.com) for sending a patch (although I did
  it differently).  Note that any '/' characters in the
  version (or owner) field are replaced with '|' to keep awk/cut
  parsing simple.  The service name field has been updated so that it
  is the same as in normal output (except for the same sort of
  escaping discussed above).

o Integrated an Oracle TNS service probe and match lines contributed
  by Frank Berger (fm.berger(a)gmx.de).  New probe contributions are
  always appreciated!

o Fixed a crash that could happen during SSL version detection due to
  SSL session ID cache reference counting issues.

o Applied patch from Rob Foehl (rwf(a)loonybin.net) which fixes the
  --with_openssl=DIR configure argument.

o Applied patch to nmap XML dtd (nmap.dtd) from Mario Manno
  (mm(a)koeln.ccc.de).  This accounts for the new version scanning
  functionality.

o Updated the Windows build system so that you don't have to manually
  copy nmap-service-probes to the output directory.  I also updated
  the README-WIN32 to elaborate further on the build process.

o Added configure option --with-libpcre=included which causes Nmap to
  build with its included version of libpcre even if an acceptable
  version is available on the system.

o Upgraded to Autoconf 2.59 (from 2.57).  This should help HP-UX
  compilation problems reported by Petter Reinholdtsen
  (pere(a)hungry.com) and may have other benefits as well.

o Applied patch from Przemek Galczewski (sako(a)avet.com.pl) which
  adds spaces to the XML output in places that apparently help certain
  older XML parsers.

o Made Ident-scan (-I) limits on the length and type of responses
  stricter so that rogue servers can't flood your screen with 1024
  characters.  The new length limit is 32.  Thanks to Tom Rune Flo
  (tom(a)x86.no) for the suggestion and a patch.

o Fingerprints for unrecognized services can now be a bit longer to
  avoid truncating as much useful response information.  While the
  fingerprints can be longer now, I hope they will be less frequent
  because of all the newly recognized services in this version.

o The nmap-service-probes "match" directive can now take a service
  name like "ssl/vmware-auth".  The service will then be reported as
  vmware-auth (or whatever follows "ssl/") tunneled by SSL, yet Nmap
  won't actually bother initiating an SSL connection.  This is useful
  for SSL services which can be fully recognized without the overhead
  of making an SSL connection.

o Version scan now chops commas and whitespace from the end of
  vendorproductname, version, and info fields.  This makes it easier to
  write templates incorporating lists.  For example, the tcpmux service
  (TCP port 1) gives a list of supported services separated by CRLF.
  Nmap uses this new feature to print them comma separated without
  having an annoying trailing comma as so (linewrapped):
  match tcpmux m|^(sgi_[-.\w]+\r\n([-.\w]+\r\n)*)$| 
        v/SGI IRIX tcpmux//Available services: $SUBST(1, "\r\n", ",")/

As usual, 3.50 is available from
http://www.insecure.org/nmap/nmap_download.html , including Windows
(.zip format) binaries.

For the more paranoid (smart) members of the list, here are the md5
hashes:


These release notes should be signed with my PGP key, which is
available at http://www.insecure.org/fyodor_gpgkey.txt .  The key
fingerprint is: 97 2F 93 AB 9C B0 09 80 D9 51 40 6B B9 BC E1 7E

Enjoy!  And please let me know if you find any problems.

Cheers,
Fyodor

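The grepable-output change above (version info between the last two '/' delimiters, with any '/' in the owner or version field escaped as '|') is easy to get subtly wrong when post-processing scan results. Here is an added parser example, not code from the announcement or from Nmap itself; it relies only on the seven-field entry format the changelog states, and the surrounding "Host: ... Ports: a, b, c" line layout and the sample line are assumptions constructed for the example.

```python
"""Parse port entries from Nmap 3.50 grepable (-oG) output.

Added example, not part of the announcement.  Entry format per the changelog:
portnum/state/protocol/owner/servicename/rpcinfo/versioninfo/ with any '/'
inside the owner or version field escaped as '|'.  The "Host: ... Ports: ..."
line layout used below is an assumption of this example.
"""
import re
from dataclasses import dataclass


@dataclass
class PortEntry:
    port: int
    state: str
    protocol: str
    owner: str
    service: str
    rpcinfo: str
    version: str


def parse_port_entry(entry: str) -> PortEntry:
    """Split one 'portnum/state/.../versioninfo/' entry into its seven fields.

    The entry ends with a trailing '/', so splitting on '/' yields eight pieces
    with an empty last one.  '|' is turned back into '/' in the owner and
    version fields, reversing the escaping Nmap applies for awk/cut users.
    """
    parts = entry.strip().split("/")
    if len(parts) != 8 or parts[-1] != "":
        raise ValueError(f"not a 7-field grepable port entry: {entry!r}")
    port, state, proto, owner, service, rpcinfo, version = parts[:7]
    return PortEntry(int(port), state, proto, owner.replace("|", "/"),
                     service, rpcinfo, version.replace("|", "/"))


def parse_ports_line(line: str) -> list[PortEntry]:
    """Extract every port entry from a grepable 'Host:' line (layout assumed)."""
    m = re.search(r"Ports:\s*(.*?)(?:\t|$)", line)
    if not m:
        return []
    return [parse_port_entry(e) for e in m.group(1).split(", ") if e]


def versions_by_port(line: str) -> dict[int, str]:
    """Map port number to the unescaped version string reported for it."""
    return {e.port: e.version for e in parse_ports_line(line)}


# Constructed sample line; the third entry carries an escaped '/' in its version.
SAMPLE = ("Host: 192.0.2.10 ()\tPorts: 22/open/tcp//ssh//OpenSSH 3.5p1 (protocol 1.99)/, "
          "53/open/tcp//domain//ISC Bind 9.2.1/, "
          "80/open/tcp//http//Apache httpd 2.0.48 ((Unix) mod_ssl|2.0.48)/\t"
          "Ignored State: closed (1658)")

if __name__ == "__main__":
    for entry in parse_ports_line(SAMPLE):
        print(entry)
```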
