Nmap Announce mailing list archives
Nmap 4.03 Released; Survey Status
From: Fyodor <fyodor () insecure org>
Date: Mon, 24 Apr 2006 11:19:59 -0700
Hello everyone, First let me thank all of you who took the 2006 Nmap survey! The goal was 2,500 responses, and I'm pleased to report that we achieved more than 3,000! I am tabulating the results now and will send mail when they are ready. First up will be the top tools list, as you guys suggested many new and valuable ones! I am also pleased to report that Nmap 4.03 is now available. It is mostly a bug and portability fix release, though it does have a few new features as well. With this "stable version" out of the way, I plan to resume breaking stuff to implement a 2nd generation OS detection system. As always, Nmap is available from http://www.insecure.org/nmap/download.html Here are the changes since 4.01: o Updated to a newer XSL stylesheet (for XML to HTML output transformation) by Benjamin Erb. This new version includes IP address sorting, removal of javascript requirements, some new address, hostname, and Nmap version information, and various minor tweaks and fixes. o Updated the LibPCRE build system to add the -fno-thread-jumps option to gcc when compiling on the new Intel-based Apple Mac OS X systems. Hopefully this resolves the version detection crashes that several people have reported on such systems. Thanks to Kurt Grutzmacher (grutz(a)jingojango.net) for sending the configure.ac patch. o Service fingerprints are now provided in the XML output whenever they would appear in the interactive output (i.e. when a service response with data but is unrecognized). They are shown in a new 'servicefp' attribute to the 'service' tag. Thanks to Brandon Enright (bmenrigh(a)ucsd.edu) for sending the patch. o WinPcap 3.1 binaries are now shipped in the Nmap tarball, along with a customized installer written by Doug Hoyte. That new WinPcap installer is now used by the Nmap self-installer (if you request WinPcap installation). Some Nmap users were uncomfortable with a "phone home" feature of the official WinPcap installer. It connects back to CACE Technologies, ostensibly to display news and (more recently) advertisements. Our new installer omits that feature, but should be otherwise perfectly compatible with WinPcap 3.1. o Improved the Windows build system -- mswin32/Makefile now takes care of packaging Nmap and creating the installers once Visual Studio (GUI) is done building the Release version of mswin32/nmap.sln. If someone knows how to do this (build) step on the command line (using the Makefile), please let me know. Or if you know how to at least make 'Release' (rather than Debug) the default configuration, that would be valuable. o Made some portability fixes to keep Nmap compiling with the newest Visual Studio 2005. Thanks to KX (kxmail(a)gmail.com) for suggesting them. o Fixed (I hope) a problem where aggressive --min-parallelization option values could cause Nmap to quit with the message "box(300, 100, 15) called (min,max,num)". Thanks to Richard van den Berg (richard.vandenberg(a)ins.com) for reporting the problem. o Fixed a rare crash bug thanks to a report and patch from Ganga Bhavani (GBhavani(a)everdreamcorp.com) o Increased a write buffer length to avoid Nmap from quitting with the message "log_vwrite: write buffer not large enough -- need to increase". Thanks to Dave (dmarcher(a)pobox.com) for reporting the issue. o Cleaned up the Amiga port code to use atexit() rather than the previous macro hack. Thanks to Kris Katterjohn (kjak(a)ispwest.com) for the patch. Applied maybe half a dozen new other code cleanup patches from him as well. o Made some changes to various Nmap initialization functions which help ALT Linux (altlinux.org) and Owl (openwall.com) developers run Nmap in a chroot environment. Thanks to Dmitry V. Levin (ldv(a)altlinux.org) for the patch. o Cleaned up the code a bit by making a bunch (nearly 100) global symbols (mostly function calls) static. I was also able to removed some unused functions and superfluous config.h.in defines. Thanks to Dmitry V. Levin (ldv(a)altlinux.org) for sending a list of candidate symbols. o Nmap now tests for the existence of data files using stat(2) rather than testing whether they can be opened for reading (with fopen). This is because some device files (tape drives, etc.) may react badly to being opened at all. Thanks to Dmitry V. Levin (ldv(a)altlinux.org) for the suggestion. o Changed Nmap to cache interface information rather than opening and closing it (with dnet's eth_open and eth_close functions) all the time. o Applied a one-character Visual Studio 2005 compatibility patch from kx (kxmail(a)gmail.com). It changed getch() into _getch() on Windows. o Added the --log-errors option, which causes most warnings and error messages that are printed to interactive-mode output (stdout/stderr) to also be printed to the normal-format output file (if you specified one). This will not work for most errors related to bad command-line arguments, as Nmap may not have initialized its output files yet. In addition, some Nmap error/warning messages use a different system that does not yet support this option. o Rewrote much of the Nmap results output functions to be more efficient and support --log-errors. o Fixed a flaw in the scan engine which could (in rare cases) lead to a deadlock situation that prevents a scan from completing. Thanks to Ganga Bhavani (GBhavani(a)everdreamcorp.com) for reporting and helping to debug the problem. o If the pcap_open_live() call (initiates sniffing) fails, Nmap now tries up to two more times after waiting a little while. This is attempt to work around a rare bug on Windows in which the pcap_open_live() fails for unknown reasons. o Fixed a flaw in the runtime interaction in which Nmap would include hosts currently being scanned in the number of hosts "completed" statistic. o Fixed a crash in OS scan which could occur on Windows when a DHCP lease issue causes the system to lose its IP address. Nmap still quits, but at least it gives a proper error message now. Thanks to Ganga Bhavani (GBhavani(a)everdreamcorp.com) for the patch. o Applied more than half a dozen small code cleanup patches from Kris Katterjohn (kjak(a)ispwest.com). o Modified the configure script to accept CXX when specified as an absolute path rather than just the executable name. Thanks to Daniel Roethlisberger (daniel(a)roe.ch) for this patch. Cheers, Fyodor _______________________________________________ Sent through the nmap-hackers mailing list http://cgi.insecure.org/mailman/listinfo/nmap-hackers
Current thread:
- Nmap 4.03 Released; Survey Status Fyodor (Apr 24)