Nmap News: 4.76 release, Defcon presentation online, Is port scanning legal?

[Fyodor <fyodor () insecure org>]

Hi everyone.  I'm happy to report that the Nmap 4.75 release (with
port frequencies, Zenmap topology, etc.) was a big success.  But such
large exposure inevitably leads to bug discovery, so we've
released version 4.76 with about a dozen small fixes and stability
improvements.  If 4.75 is working great for you, there is probably no
need to upgrade.  But if you encountered problems, or if you are the
type who waits a couple weeks for stabilization before trying a big
new release, now is your chance to upgrade to 4.76.  It's available at
the normal location:

http://nmap.org/download.html

And you can read about the changes here:

http://nmap.org/changelog.html

Speaking of the big 4.75 changes, I presented many of them at Defcon
and Black Hat last month in Las Vegas, including details behind my
Worldscan project (scanning tens of millions of hosts all over the
Internet) and some of the ways smart folks can use this empirical data
to make your scans more effective.

But I know that some of you couldn't make it to Defcon this year, and
even many who came were turned away from my talk because the room was
full :(.  So now that 4.75 is out and includes most of the new
features I demonstrate in the presentation, I've posted the audio,
video, and slides online (along with a previous presentation at
ShmooCon) at my new presentations page:

http://insecure.org/presentations/

Note a few of the new features discussed (particularly Ncat and Ndiff)
didn't make it into 4.75, but they are available now in our SVN
repository:

http://nmap.org/book/install.html#inst-svn

The third thing I wanted to mention is that I've freed Ch1 of my
upcoming (in late October) Nmap book.  I actually put this online a
while back, but forgot to link to it or tell anyone :).  The title is
"Getting Started with Nmap", which sounds too basic for a group of
nmap-hackers.  But there are several sections you might find
interesting:

"Legal issues" discusses whether unauthorized port scanning is a crime
and also how to mitigate the risk of crashing target
computers/networks:

http://nmap.org/book/legal-issues.html

"The History and Future of Nmap" discusses where we've been and where
we're going:

http://nmap.org/book/history-future.html

Sometimes the best way to understand something is to see it in action.
The "Nmap Overview and Demonstration" section includes examples of
Nmap used in (mostly) fictional yet typical circumstances.  The Nmap
experts here probably won't learn much from this section, but it is
good for getting newbies excited about Nmap and to understand the
basics:

http://nmap.org/book/nmap-overview-and-demos.html

Enjoy all the new content!
-Fyodor
_______________________________________________
Sent through the nmap-hackers mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-hackers
Archived at http://seclists.org