Nmap Announce mailing list archives
Lots of Nmap News
From: Fyodor <fyodor () insecure org>
Date: Thu, 31 Jul 2008 14:45:38 -0700
Hi All. I feel derelict for failing to post any Nmap news to this nmap-hackers list in the last four months, but you can rest assured that we've been busy on the project! For example, there have been 1,181 posts on the nmap-dev list (not all from me) since my March nmap-hackers announcements. So you can always join that if you want a constant flood of Nmap news :). There have also been several stable Nmap releases since that time, great news on the Nmap book project, web site improvements, Google SoC success stories, and much more! In this mail, I describe the most important general Nmap and Insecure.Org news, while the next email will introduce Nmap 4.68 and 125 of its most important enhancements since March. ==Black Hat and Defcon Presentations== I will be speaking next week in Las Vegas at the Black Hat Briefings in the first speaking slot (10AM Wednesday the 6th) and then at Defcon on Friday the 8th (4PM). My talk discusses the results of large-scale Internet scans I've been conducting, and demonstrates how you can use the empirical data to make your scans (over the Internet or even internal) more efficient. I also plan to show off new and poorly-understand features which can help you bypass firewall restrictions, reduce scan times, and gather more information about remote hosts. Preparing for this presentation required scanning millions of hosts and got me into minor trouble with my ISP and also with the U.S. Department of Defense Joint Task Force for Global Network Operations. Apparently they don't like people scanning their sensitive military installations. But if they are so sensitive, maybe they shouldn't be on the Internet in the first place. Anyway, when you see the new Nmap features this data enables, I hope you'll agree that it was worth ruffling some feathers :). ==Nmap Network Scanning book== Most of you know that I've been working for years on a comprehensive guide to Nmap and network/security scanning. I'm happy to report that the book is almost done! Here is the marketing blurb: "From port scanning basics for novices to the type of packet crafting used by advanced hackers, this book suits all levels of security and networking professionals. Rather than simply document what every Nmap option does, Nmap Network Scanning demonstrates how these features can be applied to solve real world tasks such as penetration testing, taking network inventory, detecting rogue wireless access points or open proxies, quashing network worm and virus outbreaks, and much more. Examples and diagrams show actual communication on the wire. This book is essential for anyone who needs to get the most out of Nmap, particularly security auditors and systems or network administrators." I plan to do the official release in mid/late September, but I've printed up 75 pre-release copies each for Black Hat and Defcon. The Black Hat copies will be available at the Black Hat Bookstore starting on Tuesday evening or Wednesday morning. At Defcon the books will be sold by Bill Pollock at his No Starch Press table in the vendor area (starting at 10AM Friday). I'm planning to do a signing right after my Black Hat talk in the bookstore, and right after my Defcon talk in either the QA room or the No Starch booth. But the trick to get a book before they sell out will probably be to pick it up _before_ my talks, and then you can bring the copy to the signing. More than 7,000 people are expected at Defcon, so 75 books may not last long. You can find a lot more about the book online: Description and pictures: http://nmap.org/book/ Defcon pre-release table of contents: http://nmap.org/book/toc.pdf Acknowledging the dozens of people who helped make this happen: http://nmap.org/book/acknowledgements.html If you'd like to see a sample chapter, you have plenty to choose from! About half of the book is already online at: http://nmap.org/book/toc.html ==Mac OS X Nmap/Zenmap Installer== A native Mac OS X installer for Nmap and the Zenmap GUI is now available from the Nmap download page (http://nmap.org/download.html). We plan to create these for each new release now, just as we do with the Linux RPMs and the Windows installer. Installation is straightforward, but detailed instructions are available anyway at http://nmap.org/book/inst-macosx.html . As a universal installer, it works on both Intel and PPC Macs. It is distributed as a disk image file (.dmg) containing an mpkg package. OpenSSL is supported, and it also supports Authorization Services so that Zenmap can run as root. Thanks to David Fifield for all his hard work in creating this! ==Mailing list RSS Feed Improvements== The nmap-dev and nmap-hackers mailing list RSS feeds at SecLists.Org now include message excerpts to make it easier to identify interesting messages and speed the process of reading through the list. Feeds for Bugtraq, Full Disclosure, Security Basics, Pen-Test, and all other mailing lists archived at http://seclists.org have been similarly augmented. For details, see http://seclists.org/nmap-dev/2008/q2/0333.html . ==Google Summer of Code== Seven Google-sponsored Summer of Code students are spending the summer working full time on exciting Nmap projects. The winning students and their Nmap development projects are showcased at http://seclists.org/nmap-dev/2008/q2/0132.html . All of them have already written code which has been integrated into Nmap, and they still have several weeks of work left. ==Nmap's 7th Movie== To end on a fun note, Nmap recently appeared in its seventh movie--the acclaimed Thai thriller "13: Game of Death". This movie follows the story of a man given the chance to complete 13 challenges to win $100 million. Successive challenges become increasingly intense, dangerous, and illegal. What would you do for $100 million? I posted a video clip and screenshots yesterday to the Nmap movies page: http://nmap.org/movies.html ==New Nmap Releases== Nmap has so many new features and improvements that they deserve their own email. I'll send it shortly! I look forward to seeing many of you next week at Black Hat and Defcon! Cheers, Fyodor _______________________________________________ Sent through the nmap-hackers mailing list http://cgi.insecure.org/mailman/listinfo/nmap-hackers Archived at http://seclists.org
Current thread:
- Lots of Nmap News Fyodor (Jul 31)