changelog

Overview是Linux,FreeBSD,UNIX,Windows下的网络扫描和嗅探工 具包,其基本功能有三个,一是探测一组主机是否在线 其次是扫描 主机端口,嗅探所提供的网络服务 还可以推断主机

  September.

o Fixed a bug which would occasionally cause Nmap to crash with the
  message "log_vwrite: write buffer not large enough".  I thought I
  conquered it in a previous release -- thanks to Doug Hoyte for finding a
  corner case which proved me wrong.

o Fixed a bug in the rDNS system which prevented us from querying
  certain authoritative DNS servers which have recursion explicitly
  disabled.  Thanks to Doug Hoyte for the patch.

o --packet-trace now reports TCP options (thanks to Zhao Lei for the
  patch).  Thanks to the --ip-options addition also found in this
  release, IP options are printed too.

o Cleaned up Nmap DNS reporting to be a little more useful and
  concise.  Thanks to Doug Hoyte for the patch.

o Applied a bunch of small internal cleanup patches by Kris Katterjohn
  (katterjohn(a)gmail.com).

o Fixed the 'distclean' make target to be more comprehensive.  Thanks
  to Thomas Buchanan (Thomas.Buchanan(a)thecompassgrp.net) for the
  patch.

Nmap 4.20ALPHA4

o Nmap now provides progress statistics in the XML output in verbose
  mode.  Here are some examples of the format (etc is "estimated time
  until completion) and times are in UNIX time_t (seconds since 1970)
  format. Angle braces have been replaced by square braces:
  [taskbegin task="SYN Stealth Scan" time="1151384685" /]
  [taskprogress task="SYN Stealth Scan" time="1151384715"
                percent="13.85" remaining="187" etc="1151384902" /]
  [taskend task="SYN Stealth Scan" time="1151384776" /]
  [taskbegin task="Service scan" time="1151384776" /]
  [taskend task="Service scan" time="1151384788" /]
  Thanks to Adam Vartanian (flooey(a)gmail.com) for the patch.

o Updated the Windows installer to give an option checkbox for
  performing the Nmap performance registry changes.  The default is to
  do so.  Thanks to Adam Vartanian (flooey(a)gmail.com) for the patch.

o Applied several code cleanup patches from Marek Majkowski.

o Added --release-memory option, which causes Nmap to release all
  accessible memory buffers before quitting (rather than let the OS do
  it).  This is only useful for debugging memory leaks.

o Fixed a bug related to bogus completion time estimates when you
  request an estimate (through runtime interaction) right when Nmap is
  starting.a subsystem (such as a port scan or version detection).
  Thanks to Diman Todorov for reporting the problem and Doug Hoyte for
  writing a fix.

o Nmap no longer gets random numbers from OpenSSL when it is available
  because that turned out to be slower than Nmap's other methods
  (e.g. /dev/urandom on Linux, /dev/arandom on OpenBSD, etc.).  Thanks
  to Marek Majkowski for reporting the problem.

o Updated the Windows binary distributions (self-installer and .zip)
  to include the new 2nd generation OS detection DB (nmap-os-db).
  Thanks to Sina Bahram for reporting the problem.

o Fixed the --max-retries option, which wasn't being honored.  Thanks
  to Jon Passki (jon.passki(a)hursk.com) for the patch.

Nmap 4.20ALPHA3

o Added back Win32 support thanks to a patch by KX

o Fixed the English translation of TCP sequence difficulty reported by
  Brandon Enright, and also removed fingerprint printing for 1st
  generation fingerprints (I don't really want to deal with those
  anymore).  Thanks to Zhao Lei for writing this patch.

o Fix a problem which caused OS detection to be done in some cases
  even if the user didn't request it.  Thanks to Diman Todorov for the
  fix.

Nmap 4.20ALPHA2

o Included nmap-os-db (the new OS detection DB) within the release.
  Oops!  Thanks to Brandon Enright (bmenrigh(a)ucsd.edu) for catching
  this problem with 4.20ALPHA1.

o Added a fix for the crash in the new OS detection which would come
  with the message "Probe doesn't exist! Probe type: 1. Probe subid: 1"

Nmap 4.20ALPHA1

o Integrated initial 2nd generation OS detection patch!  The system is
  documented at http://insecure.org/nmap/osdetect/ .  Thanks to Zhao Lei
  for helping with the coding and design.

o portlist.cc was refactored to remove some code duplication.  Thanks
  to Diman Todorov for the patch.

Nmap 4.11

o Added a dozens of more detailed SSH version detection signatures, thanks
  to a SSH huge survey and integration effort by Doug Hoyte.  The
  results of his large-scale SSH scan are posted at 
  http://seclists.org/nmap-dev/2006/Apr-Jun/0393.html .

o Fixed the Nmap Makefile (actually Makefile.in) to correctly handle
  include file dependencies.  So if a .h file is changed, all of the
  .cc files which depend on it will be recompiled.  Thanks to Diman
  Todorov (diman(a)xover.mud.at) for the patch.

o Fixed a compilation problem on solaris and possibly other platforms.
  The error message looked like "No rule to make target `inet_aton.o',
  needed by `libnbase.a'".  Thanks to Matt Selsky
  (selsky(a)columbia.edu) for the patch.

o Applied a patch which helps with HP-UX compilation by linking in the
  nm library (-lnm).  Thanks to Zakharov Mikhail
  (zmey20000(a)yahoo.com) for the patch.

o Added version detection probes for detecting the Nessus daemon.
  Thanks to Adam Vartanian (flooey(a)gmail.com) for sending the patch.

Nmap 4.10

o Updated nmap-mac-prefixes to reflect the latest OUI DB from the IEEE
  (http://standards.ieee.org/regauth/oui/oui.txt) as of May 31, 2006.
  Also added a couple unregistered OUI's (for QEMU and Bochs)
  suggested by Robert Millan (rmh(a)aybabtu.com).

o Fixed a bug which could cause false "open" ports when doing a UDP
  scan of localhost. This usually only happened when you scan tens of
  thousands of ports (e.g. -p- option).

o Fixed a bug in service detection which could lead to a crash when
  "--version-intensity 0" was used with a UDP scan.  Thanks to Makoto
  Shiotsuki (shio(a)st.rim.or.jp) for reporting the problem and Doug
  Hoyte for producing a patch.

o Made some AIX and HP-UX portability fixes to Libdnet and NmapFE.
  These were sent in by Peter O'Gorman
  (nmap-dev(a)mlists.thewrittenword.com).

o When you do a UDP+TCP scan, the TCP ports are now shown first (in
  numerical order), followed by the UDP ports (also in order).  This
  contrasts with the old format which showed all ports together in
  numerical order, regardless of protocol.  This was at first a "bug",
  but then I started thinking this behavior may be better.  If you
  have a preference for one format or the other, please post your
  reasons to nmap-dev.

o Changed mass_dns system to print a warning if it can't find any
  available DNS servers, but not quit like it used to.  Thanks to Doug
  Hoyte for the patch.

Nmap 4.04BETA1

o Integrated all of your submissions (about a thousand) from the first
  quarter of this year!  Please keep 'em coming!  The DB has increased
  from 3,153 signatures representing 381 protocols in 4.03 to 3,441
  signatures representing 401 protocols.  No other tool comes close!
  Many of the already existing match lines were improved too.  Thanks
  to Version Detection Czar Doug Hoyte for doing this.

o Nmap now allows multiple ignored port states.  If a 65K-port scan
  had, 64K filtered ports, 1K closed ports, and a few dozen open
  ports, Nmap used to list the dozen open ones among a thousand lines
  of closed ports.  Now Nmap will give reports like "Not shown: 64330
  filtered ports, 1000 closed ports" or "All 2051 scanned ports on
  192.168.0.69 are closed (1051) or filtered (1000)", and omit all of
  those ports from the table.  Open ports are never ignored.  XML
  output can now have multiple [extraports] directive (one for each
  ignored state).  The number of ports in a single state before it is
  consolidated defaults to 26 or more, though that number increases as
  you add -v or -d options.  With -d3 or higher, no ports will be
  consolidated.  The XML output should probably be augmented to give
  the extraports directive 'ip', 'tcp', and 'udp' attributes which
  specify the corresponding port numbers in the given state in the
  same listing format as the nmaprun.scaninfo.services attribute, but
  that part hasn't yet been implemented.  If you absoultely need the
  exact port numbers for each state in the XML, use -d3 for now.

o Nmap now ignores certain ICMP error message rate limiting (rather
  than slowing down to accomidate it) in cases such as SYN scan where
  an ICMP message and no response mean the same thing (port filtered).
  This is currently only done at timing level Aggressive (-T4) or
  higher, though we may make it the default if we don't hear problems
  with it.  In addition, the --defeat-rst-ratelimit option has been
  added, which causes Nmap not to slow down to accomidate RST rate
  limits when encountered.  For a SYN scan, this may cause closed
  ports to be labeled 'filtered' becuase Nmap refused to slow down
  enough to correspond to the rate limiting.  Learn more about this
  new option at http://www.insecure.org/nmap/man/ .  Thanks to Martin
  Macok (martin.macok(a)underground.cz) for writing the patch that
  these changes were based on.

o Moved my Nmap development environment to Visual C++ 2005 Express
  edition.  In typical "MS Upgrade Treadmill" fashion, Visual Studio
  2003 users will no longer be able to compile Nmap using the new
  solution files.  The compilation, installation, and execution
  instructions at
  http://www.insecure.org/nmap/install/inst-windows.html have been
  upgraded.  

o Automated my Windows build system so that I just have to type a
  single make command in the mswin32 directory.  Thanks to Scott
  Worley (smw(a)pobox.com>, Shane & Jenny Walters
  (yfisaqt(a)waltersinamerica.com), and Alex Prinsier
  (aphexer(a)mailhaven.com) for reading my appeal in the 4.03
  CHANGELOG and assisting.

o Changed the PortList class to use much more efficient data
  structures and algorithms which take advantage of Nmap-specific
  behavior patterns.  Thanks to Marek Majkowski
  (majek(a)forest.one.pl) for the patch.

o Fixed a bug which prevented certain TCP+UDP scan commands, such as
  "nmap -sSU -p1-65535 localhost" from scanning both TCP and UDP.
  Instead they gave the error message "WARNING: UDP scan was requested,
  but no udp ports were specified.  Skipping this scan type".  Thanks to
  Doug Hoyte for the patch.

o Nmap has traditionally required you to specify -T* timing options
  before any more granular options like --max-rtt-timeout, otherwise the
  general timing option would overwrite the value from your more
  specific request.  This has now been fixed so that the more specific
  options always have precendence.  Thanks to Doug Hoyte for this patch.

o Fixed a couple possible memory leaks reported by Ted Kremenek
 (kremenek(a)cs.stanford.edu) from the Stanford University sofware
 static analysis lab ("Checker" project).

o Nmap now prints a warning when you specify a target name which
  resolves to multiple IP addresses.  Nmap proceeds to scan only the
  first of those addresses (as it always has done).  Thanks to Doug
  Hoyte for the patch.  The warning looks like this:
  Warning: Hostname google.com resolves to 3 IPs. Using 66.102.7.99.

o Disallow --host-timeout values of less than 1500ms, print a warning
  for values less than 15s.

o Changed all instances of inet_aton() into calls to inet_pton()
  instead.  This allowed us to remove inet_aton.c from nbase.  Thanks to
  KX (kxmail(a)gmail.com) for the patch.

o When debugging (-d) is specified, Nmap now prints a report on the
  timing variables in use.  Thanks to Doug Hoyte for the patch.  The
  report loos like this:
  ---------- Timing report ----------
    hostgroups: min 1, max 100000
    rtt-timeouts: init 250, min 50, max 300
    scan-delay: TCP 5, UDP 1000
    parallelism: min 0, max 0
    max-retries: 2, host-timeout 900000
  -----------------------------------

o Modified the WinPcap installer file to explicitly uninstall an
  existing WinPcap (if you select that you wish to replace it) rather
  than just overwriting the old version.  Thanks to Doug Hoyte for
  making this change.

o Added some P2P application ports to the nmap-services file.  Thanks
  to Martin Macok for the patch.

o The write buffer length increased in 4.03 was increased even further
  when the debugging or verbosity levels are more than 2 (e.g. -d3).
  Thanks to Brandon Enright (bmenrigh(a)ucsd.edu) for the patch.  The
  goal is to prevent you from ever seeing the fatal error:
  "log_vwrite: write buffer not large enough -- need to increase"

o Added a note to the Nmap configure dragon that people sick of him
  can submit their own ASCII art to nmap-dev@insecure.org .  If you
  are wondering WTF I am talking about, it is probably because only
  most elite Nmap users -- the ones who compile from source on UNIX --
  get to see the 'l33t ASCII Art.

Nmap 4.03

o Updated the LibPCRE build system to add the -fno-thread-jumps option
  to gcc when compiling on the new Intel-based Apple Mac OS X systems.
  Hopefully this resolves the version detection crashes that several
  people have reported on such systems.  Thanks to Kurt Grutzmacher
  (grutz(a)jingojango.net) for sending the configure.ac patch.

o Made some portability fixes to keep Nmap compiling with the newest
  Visual Studio 2005.  Thanks to KX (kxmail(a)gmail.com) for
  suggesting them.

o Service fingerprints are now provided in the XML output whenever
  they would appear in the interactive output (i.e. when a service
  response with data but is unrecognized).  They are shown in a new
  'servicefp' attribute to the 'service' tag.  Thanks to Brandon Enright
  (bmenrigh(a)ucsd.edu) for sending the patch.

o Improved the Windows build system -- mswin32/Makefile now takes care
  of packaging Nmap and creating the installers once Visual Studio (GUI)
  is done building the Release version of