Nmap Announce mailing list archives

Previous By Date Next
Previous By Thread Next

Nmap 4.03 Released; Survey Status

From: Fyodor <fyodor () insecure org>
Date: Mon, 24 Apr 2006 11:19:59 -0700
Hello everyone,

First let me thank all of you who took the 2006 Nmap survey!  The goal
was 2,500 responses, and I'm pleased to report that we achieved more
than 3,000!  I am tabulating the results now and will send mail when
they are ready.  First up will be the top tools list, as you guys
suggested many new and valuable ones!

I am also pleased to report that Nmap 4.03 is now available.  It is
mostly a bug and portability fix release, though it does have a few
new features as well.  With this "stable version" out of the way, I
plan to resume breaking stuff to implement a 2nd generation OS
detection system.

As always, Nmap is available from
http://www.insecure.org/nmap/download.html

Here are the changes since 4.01:

o Updated to a newer XSL stylesheet (for XML to HTML output
  transformation) by Benjamin Erb.  This new version includes IP
  address sorting, removal of javascript requirements, some new
  address, hostname, and Nmap version information, and various minor
  tweaks and fixes.

o Updated the LibPCRE build system to add the -fno-thread-jumps option
  to gcc when compiling on the new Intel-based Apple Mac OS X systems.
  Hopefully this resolves the version detection crashes that several
  people have reported on such systems.  Thanks to Kurt Grutzmacher
  (grutz(a)jingojango.net) for sending the configure.ac patch.

o Service fingerprints are now provided in the XML output whenever
  they would appear in the interactive output (i.e. when a service
  response with data but is unrecognized).  They are shown in a new
  'servicefp' attribute to the 'service' tag.  Thanks to Brandon Enright
  (bmenrigh(a)ucsd.edu) for sending the patch.

o WinPcap 3.1 binaries are now shipped in the Nmap tarball, along with
  a customized installer written by Doug Hoyte.  That new WinPcap
  installer is now used by the Nmap self-installer (if you request
  WinPcap installation).  Some Nmap users were uncomfortable with a
  "phone home" feature of the official WinPcap installer.  It connects
  back to CACE Technologies, ostensibly to display news and (more
  recently) advertisements.  Our new installer omits that feature, but
  should be otherwise perfectly compatible with WinPcap 3.1.

o Improved the Windows build system -- mswin32/Makefile now takes care
  of packaging Nmap and creating the installers once Visual Studio (GUI)
  is done building the Release version of mswin32/nmap.sln.  If someone
  knows how to do this (build) step on the command line (using the
  Makefile), please let me know.  Or if you know how to at least make
  'Release' (rather than Debug) the default configuration, that would be
  valuable.

o Made some portability fixes to keep Nmap compiling with the newest
  Visual Studio 2005.  Thanks to KX (kxmail(a)gmail.com) for
  suggesting them.

o Fixed (I hope) a problem where aggressive --min-parallelization
  option values could cause Nmap to quit with the message "box(300, 100,
  15) called (min,max,num)".  Thanks to  Richard van den Berg
  (richard.vandenberg(a)ins.com) for reporting the problem.

o Fixed a rare crash bug thanks to a report and patch from Ganga
  Bhavani (GBhavani(a)everdreamcorp.com)

o Increased a write buffer length to avoid Nmap from quitting with the
  message "log_vwrite: write buffer not large enough -- need to
  increase".  Thanks to Dave (dmarcher(a)pobox.com) for reporting the
  issue.

o Cleaned up the Amiga port code to use atexit() rather than the
  previous macro hack.  Thanks to Kris Katterjohn (kjak(a)ispwest.com)
  for the patch.  Applied maybe half a dozen new other code cleanup
  patches from him as well.

o Made some changes to various Nmap initialization functions which
  help ALT Linux (altlinux.org) and Owl (openwall.com) developers run
  Nmap in a chroot environment.  Thanks to Dmitry V. Levin
  (ldv(a)altlinux.org) for the patch.

o Cleaned up the code a bit by making a bunch (nearly 100) global
  symbols (mostly function calls) static.  I was also able to removed
  some unused functions and superfluous config.h.in defines.  Thanks
  to Dmitry V. Levin (ldv(a)altlinux.org) for sending a list of
  candidate symbols.

o Nmap now tests for the existence of data files using stat(2) rather
  than testing whether they can be opened for reading (with fopen).
  This is because some device files (tape drives, etc.) may react badly
  to being opened at all.  Thanks to Dmitry V. Levin
  (ldv(a)altlinux.org) for the suggestion.

o Changed Nmap to cache interface information rather than opening and
  closing it (with dnet's eth_open and eth_close functions) all the
  time.

o Applied a one-character Visual Studio 2005 compatibility patch from
  kx (kxmail(a)gmail.com).  It changed getch() into _getch() on Windows.

o Added the --log-errors option, which causes most warnings and error
  messages that are printed to interactive-mode output (stdout/stderr)
  to also be printed to the normal-format output file (if you
  specified one).  This will not work for most errors related to bad
  command-line arguments, as Nmap may not have initialized its output
  files yet.  In addition, some Nmap error/warning messages use a
  different system that does not yet support this option.

o Rewrote much of the Nmap results output functions to be more
  efficient and support --log-errors.

o Fixed a flaw in the scan engine which could (in rare cases)
  lead to a deadlock situation that prevents a scan from completing.
  Thanks to Ganga Bhavani (GBhavani(a)everdreamcorp.com) for reporting
  and helping to debug the problem.

o If the pcap_open_live() call (initiates sniffing) fails, Nmap now
  tries up to two more times after waiting a little while. This is
  attempt to work around a rare bug on Windows in which the
  pcap_open_live() fails for unknown reasons.

o Fixed a flaw in the runtime interaction in which Nmap would include
  hosts currently being scanned in the number of hosts "completed"
  statistic.

o Fixed a crash in OS scan which could occur on Windows when a DHCP
  lease issue causes the system to lose its IP address.  Nmap still
  quits, but at least it gives a proper error message now.  Thanks to
  Ganga Bhavani (GBhavani(a)everdreamcorp.com) for the patch.

o Applied more than half a dozen small code cleanup patches from
  Kris Katterjohn (kjak(a)ispwest.com).

o Modified the configure script to accept CXX when specified as an
  absolute path rather than just the executable name.  Thanks to
  Daniel Roethlisberger (daniel(a)roe.ch) for this patch.

Cheers,
Fyodor


_______________________________________________
Sent through the nmap-hackers mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-hackers
Previous By Date Next
Previous By Thread Next

Current thread: