Results 1 to 5 of 5

Thread: NMAP 4.03 Released

  1. #1
    Master-Jedi-Pimps0r & Moderator thehorse13's Avatar
    Join Date
    Dec 2002
    Location
    Washington D.C. area
    Posts
    2,885

    NMAP 4.03 Released

    From Fyodor....

    Hello everyone,

    First let me thank all of you who took the 2006 Nmap survey! The goal was 2,500 responses, and I'm pleased to report that we achieved more than 3,000! I am tabulating the results now and will send mail when they are ready. First up will be the top tools list, as you guys suggested many new and valuable ones!

    I am also pleased to report that Nmap 4.03 is now available. It is mostly a bug and portability fix release, though it does have a few new features as well. With this "stable version" out of the way, I plan to resume breaking stuff to implement a 2nd generation OS detection system.

    As always, Nmap is available from http://www.insecure.org/nmap/download.html

    Here are the changes since 4.01:

    o Updated to a newer XSL stylesheet (for XML to HTML output
    transformation) by Benjamin Erb. This new version includes IP
    address sorting, removal of javascript requirements, some new
    address, hostname, and Nmap version information, and various minor
    tweaks and fixes.

    o Updated the LibPCRE build system to add the -fno-thread-jumps option
    to gcc when compiling on the new Intel-based Apple Mac OS X systems.
    Hopefully this resolves the version detection crashes that several
    people have reported on such systems. Thanks to Kurt Grutzmacher
    (grutz(a)jingojango.net) for sending the configure.ac patch.

    o Service fingerprints are now provided in the XML output whenever
    they would appear in the interactive output (i.e. when a service
    response with data but is unrecognized). They are shown in a new
    'servicefp' attribute to the 'service' tag. Thanks to Brandon Enright
    (bmenrigh(a)ucsd.edu) for sending the patch.

    o WinPcap 3.1 binaries are now shipped in the Nmap tarball, along with
    a customized installer written by Doug Hoyte. That new WinPcap
    installer is now used by the Nmap self-installer (if you request
    WinPcap installation). Some Nmap users were uncomfortable with a
    "phone home" feature of the official WinPcap installer. It connects
    back to CACE Technologies, ostensibly to display news and (more
    recently) advertisements. Our new installer omits that feature, but
    should be otherwise perfectly compatible with WinPcap 3.1.

    o Improved the Windows build system -- mswin32/Makefile now takes care
    of packaging Nmap and creating the installers once Visual Studio (GUI)
    is done building the Release version of mswin32/nmap.sln. If someone
    knows how to do this (build) step on the command line (using the
    Makefile), please let me know. Or if you know how to at least make
    'Release' (rather than Debug) the default configuration, that would be
    valuable.

    o Made some portability fixes to keep Nmap compiling with the newest
    Visual Studio 2005. Thanks to KX (kxmail(a)gmail.com) for
    suggesting them.

    o Fixed (I hope) a problem where aggressive --min-parallelization
    option values could cause Nmap to quit with the message "box(300, 100,
    15) called (min,max,num)". Thanks to Richard van den Berg
    (richard.vandenberg(a)ins.com) for reporting the problem.

    o Fixed a rare crash bug thanks to a report and patch from Ganga
    Bhavani (GBhavani(a)everdreamcorp.com)

    o Increased a write buffer length to avoid Nmap from quitting with the
    message "log_vwrite: write buffer not large enough -- need to
    increase". Thanks to Dave (dmarcher(a)pobox.com) for reporting the
    issue.

    o Cleaned up the Amiga port code to use atexit() rather than the
    previous macro hack. Thanks to Kris Katterjohn (kjak(a)ispwest.com)
    for the patch. Applied maybe half a dozen new other code cleanup
    patches from him as well.

    o Made some changes to various Nmap initialization functions which
    help ALT Linux (altlinux.org) and Owl (openwall.com) developers run
    Nmap in a chroot environment. Thanks to Dmitry V. Levin
    (ldv(a)altlinux.org) for the patch.

    o Cleaned up the code a bit by making a bunch (nearly 100) global
    symbols (mostly function calls) static. I was also able to removed
    some unused functions and superfluous config.h.in defines. Thanks
    to Dmitry V. Levin (ldv(a)altlinux.org) for sending a list of
    candidate symbols.

    o Nmap now tests for the existence of data files using stat(2) rather
    than testing whether they can be opened for reading (with fopen).
    This is because some device files (tape drives, etc.) may react badly
    to being opened at all. Thanks to Dmitry V. Levin
    (ldv(a)altlinux.org) for the suggestion.

    o Changed Nmap to cache interface information rather than opening and
    closing it (with dnet's eth_open and eth_close functions) all the
    time.

    o Applied a one-character Visual Studio 2005 compatibility patch from
    kx (kxmail(a)gmail.com). It changed getch() into _getch() on Windows.

    o Added the --log-errors option, which causes most warnings and error
    messages that are printed to interactive-mode output (stdout/stderr)
    to also be printed to the normal-format output file (if you
    specified one). This will not work for most errors related to bad
    command-line arguments, as Nmap may not have initialized its output
    files yet. In addition, some Nmap error/warning messages use a
    different system that does not yet support this option.

    o Rewrote much of the Nmap results output functions to be more
    efficient and support --log-errors.

    o Fixed a flaw in the scan engine which could (in rare cases)
    lead to a deadlock situation that prevents a scan from completing.
    Thanks to Ganga Bhavani (GBhavani(a)everdreamcorp.com) for reporting
    and helping to debug the problem.

    o If the pcap_open_live() call (initiates sniffing) fails, Nmap now
    tries up to two more times after waiting a little while. This is
    attempt to work around a rare bug on Windows in which the
    pcap_open_live() fails for unknown reasons.

    o Fixed a flaw in the runtime interaction in which Nmap would include
    hosts currently being scanned in the number of hosts "completed"
    statistic.

    o Fixed a crash in OS scan which could occur on Windows when a DHCP
    lease issue causes the system to lose its IP address. Nmap still
    quits, but at least it gives a proper error message now. Thanks to
    Ganga Bhavani (GBhavani(a)everdreamcorp.com) for the patch.

    o Applied more than half a dozen small code cleanup patches from
    Kris Katterjohn (kjak(a)ispwest.com).

    o Modified the configure script to accept CXX when specified as an
    absolute path rather than just the executable name. Thanks to
    Daniel Roethlisberger (daniel(a)roe.ch) for this patch.

    Cheers,
    Fyodor
    Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
    Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden

  2. #2
    Senior Member
    Join Date
    Mar 2005
    Posts
    400
    I would like to see a frontend for Nmap that allows simply picking the radio button options you want prior to scanning.
    I don't want to remember Nmap syntax or create bunches of Nmap batch files or even an Nmap conditional batch file. I did all that batch file work and more in DOS years ago. No more! Where's the GUI?
    ZT3000
    Beta tester of "0"s and "1"s"

  3. #3
    Master-Jedi-Pimps0r & Moderator thehorse13's Avatar
    Join Date
    Dec 2002
    Location
    Washington D.C. area
    Posts
    2,885
    Have you looked at the NmapFE on the insecure site? I think you might want to as it does what you're asking.



    --Th13
    Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
    Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden

  4. #4
    AO übergeek phishphreek's Avatar
    Join Date
    Jan 2002
    Posts
    4,325
    There is also WiNmap, though, it's not updated all the time.

    http://philippsworld.net/software_winmap.htm

    After a while, you just get used to using the CLI. The switches/syntax really aren't all that hard to remember...

    There are all kinds of cool projects built on/around/for nmap.

    http://www.insecure.org/nmap/nmap_relatedprojects.html
    Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.

  5. #5
    Thanks for the update. Also, on Insecure it says that FE is hella behind on Windows. ^_^ Besides, you automated testing via scripts is nicer without the front end?

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •