Nmap developers,

I'm pleased to announce another private ALPHA release. 3.84ALPHA2 is now available from:

http://www.insecure.org/nmap/dist/nmap-3.84ALPHA2.tar.bz2
http://www.insecure.org/nmap/dist/nmap-3.84ALPHA2-win32.zip

As always, GPG sigs are at: http://www.insecure.org/nmap/dist/sigs/?C=M;O=D

My current plan is to do a stable release based on this in the next day or two. So please give it a whirl and let me know if you find any problems. Here are the changes since ALPHA1:

o Fixed crash when Nmap is compiled using gcc 4.X by adding the --fno-strict-aliasing option when that compiler is detected. Thanks to Greg Darke (starstuff(a)optusnet.com.au) for discovering that this option fixes (hides) the problem and to Duilio J. Protti (dprotti(a)flowgate.net) for writing the configure patch to detect gcc 4 and add the option. A better fix is to identify and rewrite lines that violate C99 alias rules, and we are looking into that.

o Applied an enormous nmap-service-probes (version detection) update from SoC student Doug Hoyte (doug(a)hcsw.org). Version 3.81 had 1064 match lines covering 195 service protocols. Now we have 2865 match lines covering 359 protocols! So the database size has nearly tripled! This should make your -sV scans quicker and more accurate. Thanks also go to the (literally) thousands of you who submitted service fingerprints. Keep them coming!

o Added "rarity" feature to Nmap version detection. This causes obscure probes to be skipped when they are unlikely to help. Each probe now has a "rarity" value. Probes that detect dozens of services such as GenericLines and GetRequest have rarity values of 1, while the WWWOFFLEctrlstat and mydoom probes have a rarity of 9. When interrogating a port, Nmap always tries probes registered to that port number. So even WWWOFFLEctrlstat will be tried against port 8081 and mydoom will be tried against open ports between 3127 and 3198. If none of the registered ports find a match, Nmap tries probes that have a rarity less than or equal to its current intensity level. The intensity level defaults to 7 (so that most of the probes are done). You can set the intensity level with the new --version_intensity option. Alternatively, you can just use --version_light or --version_all which set the intensity to 2 (only try the most important probes and ones registered to the port number) and 9 (try all probes), respectively. --version_light is much faster than default version detection, but also a bit less likely to find a match. This feature was designed and implemented by Doug Hoyte (doug(a)hcsw.org).

o Added a "fallback" feature to the nmap-service-probes database. This allows a probe to "inherit" match lines from other probes. It is currently only used for the HTTPOptions, RTSPRequest, and SSLSessionReq probes to inherit all of the match lines from GetRequest. Some servers don't respond to the Nmap GetRequest (for example because it doesn't include a Host: line) but they do respond to some of those other 3 probes in ways that GetRequest match lines are general enough to match. The fallback construct allows us to benefit from these matches without repeating hundreds of signatures in the file. This is another feature designed and implemented by Doug Hoyte (doug(a)hcsw.org).

o Fixed crash with certain --excludefile or --exclude arguments. Thanks to Kurt Grutzmacher (grutz(a)jingojango.net) and pijn trein (ptrein(a)gmail.com) for reporting the problem, and to Duilio J. Protti (dprotti(a)flowgate.net) for debugging the issue and sending the patch.

o Applied patch from Steve Martin (smartin(a)stillsecure.com) which standardizes many OS names and corrects typos in nmap-os-fingerprints.

o Fixed a crash found during certain UDP version scans. The crash was discovered and reported by Ron (iago(a)valhallalegends.com) and fixed by Doug Hoyte (doug(a)hcsw.com).

o Added --iflist argument which prints a list of system interfaces and routes detected by Nmap.

o Fixed a protocol scan (-sO) problem which led to the error message: "Error compiling our pcap filter: syntax error". Thanks to Michel Arboi (michel(a)arboi.fr.eu.org) for reporting the problem.

o Fixed an Nmap version detection crash on Windows which led to the error message "Unexpected error in NSE_TYPE_READ callback. Error code: 10053 (Unknown error)". Thanks to Srivatsan (srivatsanp(a)adventnet.com) for reporting the problem.

o Fixed some misspellings in docs/nmap.xml reported by Tom Sellers (TSellers(a)trustmark.com).

o Updated random scan (ip_is_reserved()) to reflect the latest IANA assignments. This patch was sent in by

Cheers,
Fyodor

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
[20:21:13] xar: i was just thinking about the time iago came over here and we made this huge bomb and light up the sky for 6 min
[20:21:15] xar: that was funny
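The "rarity" and "fallback" rules from the announcement above, modelled as an added Python example (not Nmap's code and not part of the original post). Probe names, the rarity 1 and 9 values, the port registrations and the GetRequest fallbacks are taken from the announcement; the other rarity values and all regexes are assumptions made for illustration.

```python
import re
from dataclasses import dataclass, field
from typing import Optional

@dataclass
class Probe:
    name: str
    rarity: int
    ports: frozenset = frozenset()                # ports the probe is registered to
    fallback: Optional[str] = None                # probe whose match lines are inherited
    matches: list = field(default_factory=list)   # (service, regex) pairs

# Constructed table: rarities 3, 4, 5 and every regex are assumed values.
PROBES = {p.name: p for p in [
    Probe("GenericLines", 1),
    Probe("GetRequest", 1, matches=[("http", r"^HTTP/1\.[01] \d{3}")]),
    Probe("SSLSessionReq", 3, fallback="GetRequest"),
    Probe("HTTPOptions", 4, fallback="GetRequest"),
    Probe("RTSPRequest", 5, fallback="GetRequest",
          matches=[("rtsp", r"^RTSP/1\.0 \d{3}")]),
    Probe("WWWOFFLEctrlstat", 9, frozenset({8081})),
    Probe("mydoom", 9, frozenset(range(3127, 3199))),
]}

# Intensity levels named in the announcement.
VERSION_LIGHT, DEFAULT_INTENSITY, VERSION_ALL = 2, 7, 9

def probe_order(port, intensity=DEFAULT_INTENSITY):
    """Probes registered to the port come first regardless of rarity,
    followed by every other probe whose rarity <= intensity."""
    registered = [p.name for p in PROBES.values() if port in p.ports]
    others = [p.name for p in PROBES.values()
              if p.name not in registered and p.rarity <= intensity]
    return registered + others

def identify(probe_name, response):
    """Try the probe's own match lines, then those inherited via fallback."""
    probe, seen = PROBES[probe_name], set()
    while probe and probe.name not in seen:       # 'seen' guards against fallback loops
        seen.add(probe.name)
        for service, pattern in probe.matches:
            if re.search(pattern, response):
                return service
        probe = PROBES.get(probe.fallback) if probe.fallback else None
    return None
```

For anyone reviewing scanner traffic, `probe_order` shows why a rarity 9 probe still appears against its registered port even under `--version_light`.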
First Bleeding Rules then this, if only there were more iago's.
[17:32:45] * xar sets mode: -oooooooooo algorithm ban chris cipher newby stdio TehUser tnarongi|away vursed warz
[17:32:54] * xar sets mode: +o newby
[17:32:58] <xar> new rule
[17:33:02] <xar> me and newby rule all
Quote from: CrAz3D on June 30, 2008, 10:38:22 am
I'd bet that you're currently bloated like a water balloon on a hot summer's day.

That analogy doesn't even make sense. Why would a water balloon be especially bloated on a hot summer's day? For your sake, I hope there wasn't too much logic testing on your LSAT.
On a side note, nmap 3.90 is out. :p
My goal is to get a truly stable version out there that can last a while, so that I can get back to breaking stuff, adding cool features, and generally preparing for Nmap 4.0 (which may be ready for release this year)!
I hope this release lasts longer than an hour and a half! At the rate you guys are finding problems, Nmap 4.0 will be released whether I like it or not in, oh, about 6 hours. I have removed all traces of 3.92 from the dist directory and CHANGELOG, and placed new windows/linux binaries and tarballs of 3.93 in its place. You guys know the drill:

http://www.insecure.org/nmap/dist/?C=M&O=D

The changes are just the one-character fix to the "--send_ip -P0" problem discovered by Richard Moore, and a workaround to the bogus compiler warning reported by Richard Sammet.

Please let me know if you discover any problems. You'll get longer to test this release, 'cause it's 4AM here and I'm going to bed! When I wake up, 3.93 will either go public, or you'll get a shiny new 3.94, depending on how your testing goes.

Thanks,
Fyodor
Nmap 3.92 and 3.92
if(3.92 != 3.92) { world.end();}
I'd personally do as Joe suggests
You might be right about that, Joe.