Nmap 4.01, NSA Tracking Open Source Tools

[Fyodor <fyodor () insecure org>]

Hello everyone,

I am pleased to report that the Nmap 4.00 release was a huge success,
with 126,680 downloads from Insecure.Org in the last 10 days.  It
garnered some good press too, including:

Securityfocus interview: http://www.securityfocus.com/columnists/384
Slashdot: http://it.slashdot.org/article.pl?sid=06/01/31/191256
Digg: http://www.digg.com/security/NMAP_4.0_Released
Heise Online (German): http://www.heise.de/newsticker/meldung/69101

Also, perceptive readers noticed Nmap in the latest issue of Newsweek
and the Jan 27 Washington Post.  U.S. President Bush visited the NSA's
Fort Meade headquarters, and a giant screen in the background displays
the latest versions of some of our favorite open source tools,
including Nmap, Snort, Ethereal, Kismet, and Metasploit.

Picture: http://www.insecure.org/nmap/images/wash-post-nsa.jpg
(More info posted at http://www.insecure.org/ )

So now that more than 100,000 people have gone to the trouble of
installing the new 4.00, I'm here to obsolete it already with 4.01
:).  No matter how many pre-releases you do, it seems that some bugs
will always slip through until hoards of people upgrading to the big
"stable" release.  Fortunately, most of these are pretty minor.  So if
4.00 is working fine for you, don't sweat it.

You can find 4.01 at the normal location:
  http://www.insecure.org/nmap/download.html

And here are the changes since 4.00:

o Fixed a bug that would cause bogus reverse-DNS resolution on
  big-endian machines.  Thanks to Doug Hoyte, Seth Miller, Tony Doan,
  and Andrew Lutomirsky for helping to debug and patch the problem.

o Fixed an important memory leak in the raw ethernet sending system.
  Thanks to Ganga Bhavani (GBhavani(a)everdreamcorp.com) for
  identifying the bug and sending a patch.

o Fixed --system-dns option so that --system_dns works too.  Error
  messages were changed to reflect the former (preferred) name.
  Thanks to Sean Swift (sean.swift(a)bradford.gov.uk) and Peter
  VanEeckhoutte (Peter.VanEeckhoutte(a)saraleefoodseurope.com) for
  reporting the problem.

o Fixed a crash which would report this message:
  "NmapOutputTable.cc:143: void NmapOutputTable::addItem(unsigned int,
  unsigned int, bool, const char*, int): Assertion `row < numRows'
  failed."  Thanks to Jake Schneider (Jake.Schneider(a)dynetics.com) for
  reporting and helping to debug the problem.

o Whenever Nmap sends packets with the SYN bit set (except for OS
  detection), it now includes the maximum segment size (MSS) tcp
  option with a value of 1460.  This makes it stand out less as almost
  all hosts set at least this option.  Thanks to Juergen Schmidt
  (ju(a)heisec.de) for the suggestion.

o Applied a patch for a Windows interface reading bug in the aDNS
  subsystem from Doug Hoyte.

o Minor changes to recognize DragonFly BSD in configure
  scripts. Thanks to Joerg Sonnenberger (joerg(a)britannica.bec.de)
  for sending the patch.

o Fixed a minor bug in an error message starting with "eth_send of ARP
  packet returned".  Thanks to J.W. Hoogervorst
  (J.W.Hoogervorst(a)uva.nl) for finding this.

Enjoy, and have a great weekend everybody!
-Fyodor


_______________________________________________
Sent through the nmap-hackers mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-hackers