Nmap Development mailing list archives
Re: Diet Nmap v3.95 Released
From: Fyodor <fyodor () insecure org>
Date: Tue, 13 Dec 2005 03:26:51 -0800
On Mon, Dec 12, 2005 at 01:00:12PM +0100, Martin Macok wrote:
Great work (especially for the diet thing)! I have adapted my various older (pending) patches for 3.95 if anyone is interested (I hope I didn't break it while adapting to new diet): http://Xtrmntr.org/ORBman/tmp/nmap/
Thanks, Martin. You have done many great patches in the past. Many have been integrated into base Nmap, and I'm sure the others were useful to many users (manually applied) as well. So I just took a look at what you have there: == nmap-3.93-service-probes.patch == Adjusts some service probes to be more accurate. Applied for the next version of Nmap. == nmap-3.30-data.patch == This changes the name of the dhcpserver/dhcpclient ports to bootps/bootpc. While I recognize that IEEE uses the latter name, I think more people are likely to recognize the former. I have shortened them to dhcps/dhcpc though. Your patch also adds a couple new service, which I have added for the next version. == nmap-3.30-idle.patch == This patch allows a user to specify that SYN packets should be sent to the Idle proxy to probe for IPID rather than the default SYN/ACK. I can see hypothetical cases where this could be useful, but it is pretty obscure. Do you use this a lot? Can you describe the benefits? Unless I hear from more people that are interested in it, maybe it should be kept as a patch that people who want the feature can apply. == nmap-3.78-option-max_retransmissions.patch == Looks good! I applied this, though with a bunch of changes. I named the option --max_retries (shorter, if not quite as descriptive) and made the values a little less aggressive. I also decided to allow --max_retries 0 in case you don't want any retries at all (only advisable for informal surveys and other cases where missing occasional ports/hosts is acceptable). == nmap-3.81-osscan_no_ports_reuse.patch == This will break (ignore) -g for OS scan, and I'm uncomfortable with the way it sets o.magic_port in osscan.cc. That value is really "supposed" to be read only, though it isn't enforced in the code. == nmap-3.81.top14-ports == This is a patch to NmapFE to add an option to scan just the "top 14" ports. Did you come up with these values from empirical scanning? I wouldn't mind adding an option like this, but I'd like to see good reasoning for choosing a particular set of ports. Maybe this list should be expanded to top 30 instead? == nmap-3.84ALPHA2-sf_misc.patch == This makes minor nmap-service-probes changes. Applied. == nmap-3.95-CONNECT-closedfiltered.patch == I'm not convinced that connect() scan should change all instances of closed to closed|filtered. == nmap-3.95-detect_TARPIT.patch == This patch detects Labrea and iptables tarpits, and avoids scanning them if it finds them during ping scan. Neat patch, and I'm glad it exists for people who want the functionality, but I'm not sure that it belongs in mainline Nmap. == nmap-3.95-defeat_ratelimits.patch == This looks promising, especially the ICMP error rate limiting part. I'm too tired tonight, but made a note to examine it later. Thanks again! -Fyodor _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev
Current thread:
- Re: Diet Nmap v3.95 Released William MacKay (Dec 11)
- Re: Diet Nmap v3.95 Released Schneelocke (Dec 11)
- Re: Diet Nmap v3.95 Released Ismail Donmez (Dec 11)
- Re: Diet Nmap v3.95 Released Ron (Dec 11)
- Re[2]: Diet Nmap v3.95 Released Thierry Zoller (Dec 11)
- <Possible follow-ups>
- Re: Diet Nmap v3.95 Released Martin Mačok (Dec 12)
- Re: Diet Nmap v3.95 Released Fyodor (Dec 13)
- Re: Diet Nmap v3.95 Released Nicob (Dec 13)
- Re: Diet Nmap v3.95 Released Martin Mačok (Dec 13)
- Re: Diet Nmap v3.95 Released uzy (Dec 13)
- Re: Diet Nmap v3.95 Released Martin Mačok (Dec 14)
- Re: Diet Nmap v3.95 Released Fyodor (Dec 13)
- Re: Diet Nmap v3.95 Released Schneelocke (Dec 11)