changelog
o Nmap binary is now stripped again, but it now uses -x to avoid stripping dynamically loaded NSE functions on Mac OS X. [David]

o Normalized Zenmap's handling of results files specified on the command line. In some cases, Zenmap would ignore specified results files just because some unrelated options were used. [David]

o configure.ac now uses literal directory names rather than variable references in calls to AC_CONFIG_SUBDIRS. This removes an annoying warning message which has existed for years when you regenerate configure. [David]

o Fixed a configure.ac error which prevented you from specifying an alternative libnsock directory. [David]

o Check for Python in configure only if Zenmap is requested, and bail out if Zenmap is explicitly requested (--with-zenmap) and Python is not available. [David]

o Removed some unimplemented Zenmap command-line options and function calls. [David]

4.23RC2

o Static code analysis company Coverity generously offered to scan the Nmap code base for flaws, and Kris volunteered to go through their report and fix the ones which were actual/possible problems rather than false positives. Their system proved quite useful, and about a dozen potential problems were fixed. For details, see Kris' 11/15/07 SVN commits.

o Improved the Zenmap RPM file so that it should work on either Python 2.4 or Python 2.5 machines. It should also work on any platform (x86, x86_64, etc.) [David]

o WinPcap updated from version 4.0.1 to the new 4.0.2 release. [David]

o Added PPTP version detection NSE script (PPTPversion.nse) from Thomas Buchanan. Nmap now ships with 38 NSE scripts.

o A number of Solaris compilation fixes were added. Hopefully it works for more Solaris users now. We also fixed an alignment issue which could cause a bus error on Solaris. [David]

o When an NSE script changes the state of a port (e.g. from open|filtered to open), the --reason flag is now changed to "script-set". Also, the port state reason is now available to NSE scripts through a "reason" element in the port-table. Thanks to Matthew Boyle for the patch.

o When version detection changes the state of a port, the reason field is now updated as well (to udp-response or tcp-response as applicable). Thanks to Thomas Buchanan for the patch.

o Reworded an error message after a woman reported that it was "highly offensive and sexist". She also noted that "times have changed and many women now use your software" and "a sexist remark like the one above should have no place in software." The message was: "TCP/IP fingerprinting (for OS scan) requires root privileges. Sorry, dude.". I checked svn blame to call out the insensitive, chauvinistic jerk who wrote that error message, but it was me :).

o We received a bug report through Debian entitled "Nmap is a clairvoyant" because when you run it with -v on September 1 1970, it reports "Happy -27th Birthday to Nmap, may it live to be 73!". We have decided that clairvoyance is a feature and ignored the report.

o We no longer strip the Nmap binary before installing it, as that was leading to a runtime error on Mac OS X: "lazy symbol binding failed: Symbol not found: _luaL_openlib". Unfortunately, the unstripped Nmap binary can be much larger (e.g. 4MB vs. 800KB) so we are working on a better fix which allows us to continue stripping the binary on other platforms.

o Zenmap configuration/customization files renamed from ~/.umit to ~/.zenmap and umit.conf to zenmap.conf, etc. [David]

o Fixed a Zenmap bug where if you try to edit a profile and then click cancel, that profile ends up deleted. [Luis A. Bastiao]

o The NSE shortport rules now allow for multiple matching states (e.g. open or open|filtered) to be specified. This silently failed before. [Eddie]

o Regenerate configure scripts with Autoconf 2.61 and update config.guess and config.sub files with the latest versions from http://cvs.savannah.gnu.org/viewvc/config/?root=config . [David]

4.23RC1

o NmapFE is now gone. It had a good run as the default Nmap GUI for more than 8 years (since April 1999). But after two years of development, Zenmap is ready to take its place. Zenmap is portable and provides a much better interface to executing and (especially) viewing and analyzing Nmap results. David did the honors of removing NmapFE.

o We have lost another old friend as well: the 1st generation OS detection system. Nmap revolutionized OS detection when this was released in October 1998 and it served us well for more than 9 years as the database grew to 1,684 fingerprints. But the 2nd generation system incorporates everything we learned during all those years and has proven itself even more effective. I couldn't bear to kill this myself, so David did the dirty work.

o There is no longer any artificial limit on the number of ports or protocols that can be used for host discovery. Port lists for ping scan now use the same syntax as the -p option except that T:, U:, and P: are not allowed. This means that you can do
    nmap -PS1-1000 target
    nmap -PAhttp,https target
    nmap -PU'[-]' target
  [David]

o Zenmap is now available packaged in RPM format. Since Zenmap is written in Python, we no longer have to have separate x86 and x86_64 versions like we did with NmapFE (and like we still do with Nmap). [David]

o Fixed a crash (assertion failure) which could occur during ARP Ping scan [Kris]

o Fixed Zenmap so that it can handle asterisks in the command line (e.g. "nmap 192.168.*.*" or "nmap -phttp* localhost") [David]

o Change the Zenmap bug report dialogue to now give instructions for reporting issues to nmap-dev. [David]

o Modified higwidgets/higdialogs.py for compatibility with old versions of PyGTK. [David]

o Updated IANA assignment IP list for random IP (-iR) generation. [Kris]

o Fixed a number of spelling errors in the Reference Guide (man page) [Doug]

4.22SOC8

o Removed the old massping() system, since the functionality has now been migrated into the existing ultra_scan() system (which is used for port scanning too). Thanks to David for doing the migration, which involved a lot of work and testing. The new system is frequently faster and more accurate than massping(), and some of the new algorithms benefit port scans too.

o Renamed Umit to Zenmap to reduce confusion between the version we ship with Nmap as the integrated GUI and the version maintained separately at umit.sourceforge.net. We are excited about Zenmap and expect to remove NmapFE in the near future.

o Integrated all of your Q3 service detection submissions! We have now surpassed 4500 signatures and are approaching 500 service protocols. Wow! Thanks to Doug for doing the integration. His notes on the crazy and interesting services discovered this quarter are at http://hcsw.org/blog.pl/31 .

o Added a new ping type: IPProto Ping. Use -PO (that is the letter O as in prOtOcOl, not a zero). This is similar to protocol scan (-sO) in that it sends IP headers with different protocols in the hope of eliciting a response from targets. The default is to send with protocols 1 (ICMP), 2 (IGMP), and 4 (IP-in-IP tunnel), but you can specify different protocol numbers on the command line the same way you specify TCP/UDP ports to -PS or -PU. To reduce confusion, we now recommend that -PN be used when you don't want pings done rather than using the old -P0 (zero). [Kris]

o The SMTPcommands.nse script was updated to support the HELP query in addition to EHLO [Jason DePriest]

o Added --ttl support for connect() scans (-sT). [Kris]

o Combine the Zenmap setup scripts into one portable setup.py rather than having separate versions for Windows, Unix, and Mac OS X.

o Removed a bunch of unnecessary/incomplete code and data files from Zenmap. [David]

o In Nbase, switched from GNU's getopt() replacement functions to Ben Sittler's BSD-licensed (but GNU compatible) functions. [Kris]

o Include nmap.h in portreasons.h. This fixes a compilation problem reported on OpenBSD. [David]

o Change PCRE from an NSELib module back to statically linked code due to OpenBSD compilation problems. See http://seclists.org/nmap-dev/2007/q4/0085.html [David]

o Fix a problem with --reason printing the wrong host discovery reasons when ICMP destination unreachable packets arrived. [Kris]

o Nmap has better dependency tracking now such that it no longer builds the executable every time you type 'make'. This was causing problems where 'make; sudo make install' would create a root-owned nmap executable because it was rebuilt as part of 'make install'. [David]

4.22SOC7

o Integrated all of your OS detection new fingerprint submissions and correction reports. The DB grew more than 18% to 825 fingerprints. Keep those submissions coming! [David]

o Made a number of significant improvements to host discovery algorithms for better performance and reliability. [David]

o Fixed a bug which prevented the first OS detection guess from being included in XML output. This only applies when no exact matches were found. Thanks to Martyn Tovey of Netcraft for reporting the problem and helping to track it down in the code.

o Improve the script scan scheduling system to prevent the system from running out of sockets by executing too many scripts concurrently during large scans. Thanks to Brandon Enright for finding the bug and Stoiko for fixing it.

o Added nmap.verbosity() and nmap.debugging() functions for scripts to determine the Nmap verbosity/debugging level. [Kris]

o Fixed a crash (assertion error) which occurred when the first hop of the first system (reference trace) times out. [Eddie]

o UMIT no longer rewrites a bunch of script files to replace variables such as VERSION and REVISION in the SVN working directory. [David, Adriano]

o UMIT icon loading code simplified and made platform independent. [David]

o Removed PIL dependency from UMIT package generation system. We now use GTK to put the version number in the splash screen. [Adriano]

o UMIT no longer crashes just because documentation files are missing. [Adriano]

o Removed unnecessary recent_scans.txt and target_list.txt files from UMIT. Some unnecessary copies of Nmap data files were removed as well. [David, Adriano]

o Updated the *.dmp preprocessed Nmap data files used by UMIT, and also updated the scripts used to create them. [David]

o Winpcap installer was updated so that on Windows Vista it uses a different Packet.dll and omits WanPacket.dll. [Eddie]

o Unix installation now places NSELib dynamic libraries in 'libexec' rather than 'share' directories, since they are architecture dependent. Thanks to Christoph J. Thompson for the patch.

o Fix bug related to users providing custom libpcre location to configure (reported by Daniel Johnson, fixed by Stoiko). A patch from Marek Majkowski which caps the number of sockets opened by NSE scripts was also applied.

o The UMIT version number is automatically updated to be the same as the Nmap version number rather than always being 0.9.4. [David]

o UMIT now sorts port numbers numerically rather than alphabetically [Adriano]

o Three UMIT data files (options.xml, profile_editor.xml, and wizard.xml) are installed in the shared UMIT data directory (e.g. /usr/share/umit/misc) rather than in every user's ~/.umit directory. [David]

o Added HTTPtrace demo NSE script by Kris, who also updated his HTTPpasswd script.

o A bunch of capitalization/spelling canonicalization changes were made to Nmap output. For example: ftp to FTP and idlescan to idle scan.

o Made some improvements to the nmap.xsl stylesheet for converting Nmap XML results to HTML reports. It now does a better job at removing empty sections and headers. Thanks to Henrik Lund Kramshoej for the patch.

o Updated nmap-mac-prefixes with the latest IEEE data.

o Disabled auto-generation of libpcre/pcre_chartables.c because that was useless for our purposes and could also cause some version control related problems. [David]

o Updated IANA assignment IP list for random IP (-iR) generation. [Kris]

4.22SOC6

o Included David's major massping migration project. The same underlying engine is now used for ping scanning as for port scanning. We hope this will lead to better performance and accuracy, as well as helping to de-bloat Nmap. Please test it out and report your results to nmap-dev! For more details, see http://seclists.org/nmap-dev/2007/q3/0277.html

o Fixed UMIT bug which occurred when installing to a non-standard directory (e.g. a home directory). This caused Python to not be able to find the necessary files. [Kris]