Nmap 4.0.3 released

Imagen 13.jpgMe llega el mail de la lista de correo de Nmap Hackers en el que Fyodor nos anuncia el lanzamiento de la nueva versión de mi analizador de redes favorito, la descarga de la nueva versión la podeis efectuar desde aquí y debajo os pongo toda la lista de cambios (en Inglés).

Desde luego que es otro ejemplo más de como un software siendo gratuito está tan por encima de uno de pago que no es ni comparable, pero además hasta extremos insospechables -:)
Lista de cambios y novedades desde la 4.0.1;


Here are the changes since 4.01:

o Updated to a newer XSL stylesheet (for XML to HTML output
transformation) by Benjamin Erb. This new version includes IP
address sorting, removal of javascript requirements, some new
address, hostname, and Nmap version information, and various minor
tweaks and fixes.

o Updated the LibPCRE build system to add the -fno-thread-jumps option
to gcc when compiling on the new Intel-based Apple Mac OS X systems.
Hopefully this resolves the version detection crashes that several
people have reported on such systems. Thanks to Kurt Grutzmacher
(grutz(a)jingojango.net) for sending the configure.ac patch.

o Service fingerprints are now provided in the XML output whenever
they would appear in the interactive output (i.e. when a service
response with data but is unrecognized). They are shown in a new
‘servicefp’ attribute to the ‘service’ tag. Thanks to Brandon Enright
(bmenrigh(a)ucsd.edu) for sending the patch.

o WinPcap 3.1 binaries are now shipped in the Nmap tarball, along with
a customized installer written by Doug Hoyte. That new WinPcap
installer is now used by the Nmap self-installer (if you request
WinPcap installation). Some Nmap users were uncomfortable with a
«phone home» feature of the official WinPcap installer. It connects
back to CACE Technologies, ostensibly to display news and (more
recently) advertisements. Our new installer omits that feature, but
should be otherwise perfectly compatible with WinPcap 3.1.

o Improved the Windows build system — mswin32/Makefile now takes care
of packaging Nmap and creating the installers once Visual Studio (GUI)
is done building the Release version of mswin32/nmap.sln. If someone
knows how to do this (build) step on the command line (using the
Makefile), please let me know. Or if you know how to at least make
‘Release’ (rather than Debug) the default configuration, that would be
valuable.

o Made some portability fixes to keep Nmap compiling with the newest
Visual Studio 2005. Thanks to KX (kxmail(a)gmail.com) for
suggesting them.

o Fixed (I hope) a problem where aggressive –min-parallelization
option values could cause Nmap to quit with the message «box(300, 100,
15) called (min,max,num)». Thanks to Richard van den Berg
(richard.vandenberg(a)ins.com) for reporting the problem.

o Fixed a rare crash bug thanks to a report and patch from Ganga
Bhavani (GBhavani(a)everdreamcorp.com)

o Increased a write buffer length to avoid Nmap from quitting with the
message «log_vwrite: write buffer not large enough — need to
increase». Thanks to Dave (dmarcher(a)pobox.com) for reporting the
issue.

o Cleaned up the Amiga port code to use atexit() rather than the
previous macro hack. Thanks to Kris Katterjohn (kjak(a)ispwest.com)
for the patch. Applied maybe half a dozen new other code cleanup
patches from him as well.

o Made some changes to various Nmap initialization functions which
help ALT Linux (altlinux.org) and Owl (openwall.com) developers run
Nmap in a chroot environment. Thanks to Dmitry V. Levin
(ldv(a)altlinux.org) for the patch.

o Cleaned up the code a bit by making a bunch (nearly 100) global
symbols (mostly function calls) static. I was also able to removed
some unused functions and superfluous config.h.in defines. Thanks
to Dmitry V. Levin (ldv(a)altlinux.org) for sending a list of
candidate symbols.

o Nmap now tests for the existence of data files using stat(2) rather
than testing whether they can be opened for reading (with fopen).
This is because some device files (tape drives, etc.) may react badly
to being opened at all. Thanks to Dmitry V. Levin
(ldv(a)altlinux.org) for the suggestion.

o Changed Nmap to cache interface information rather than opening and
closing it (with dnet’s eth_open and eth_close functions) all the
time.

o Applied a one-character Visual Studio 2005 compatibility patch from
kx (kxmail(a)gmail.com). It changed getch() into _getch() on Windows.

o Added the –log-errors option, which causes most warnings and error
messages that are printed to interactive-mode output (stdout/stderr)
to also be printed to the normal-format output file (if you
specified one). This will not work for most errors related to bad
command-line arguments, as Nmap may not have initialized its output
files yet. In addition, some Nmap error/warning messages use a
different system that does not yet support this option.

o Rewrote much of the Nmap results output functions to be more
efficient and support –log-errors.

o Fixed a flaw in the scan engine which could (in rare cases)
lead to a deadlock situation that prevents a scan from completing.
Thanks to Ganga Bhavani (GBhavani(a)everdreamcorp.com) for reporting
and helping to debug the problem.

o If the pcap_open_live() call (initiates sniffing) fails, Nmap now
tries up to two more times after waiting a little while. This is
attempt to work around a rare bug on Windows in which the
pcap_open_live() fails for unknown reasons.

o Fixed a flaw in the runtime interaction in which Nmap would include
hosts currently being scanned in the number of hosts «completed»
statistic.

o Fixed a crash in OS scan which could occur on Windows when a DHCP
lease issue causes the system to lose its IP address. Nmap still
quits, but at least it gives a proper error message now. Thanks to
Ganga Bhavani (GBhavani(a)everdreamcorp.com) for the patch.

o Applied more than half a dozen small code cleanup patches from
Kris Katterjohn (kjak(a)ispwest.com).

o Modified the configure script to accept CXX when specified as an
absolute path rather than just the executable name. Thanks to
Daniel Roethlisberger (daniel(a)roe.ch) for this patch.

Cheers,
Fyodor

dabo

Work: @apache_ctl | Edu: Hacker (and free) Culture & @debianhackers, @daboweb | Life: @verticalplaneta | ¿Hacktivista? (legítima defensa) GPG Key 0xBC695F37

dabo escribió 1256 entradas

Navegación de la entrada


Comentarios

  • vigodit

    wow esas son buena noticias este es uno de los granes a la hora de ponerlo a luchar con un firewall :)

Comentarios cerrados.