Nmap Announce mailing list archives
Nmap 2.3BETA4
From: Fyodor <fyodor () dhp com>
Date: Mon, 30 Aug 1999 06:22:18 -0400 (EDT)
Just when you were thinking a new Nmap version would never come along ... I'm happy to announce Nmap 2.3BETA4.

The most interesting new change is direct (non-portmapper) RPC scanning. This allows you to obtain 'rpcinfo -p' type of information even when your target has firewalled portmapper. This is a good way to locate cmsd, tooltalkd, statd, etc. on your networks. RPC scanning is activated by -sR; here is an example session against a stock Solaris 7 box:

    amy# ./nmap -sRUS -p 7,9,13,19,21,23,25,37,42,79,111,32760-32785 xanadu

    Starting nmap V. 2.3BETA1 by Fyodor (fyodor () dhp com,www.insecure.org/nmap/)
    Interesting ports on xanadu.yuma.net (192.168.0.10):
    Port    State       Protocol  Service (RPC)
    7       open        udp       echo (Non-RPC)
    7       open        tcp       echo (Non-RPC)
    9       open        udp       discard (Non-RPC)
    9       open        tcp       discard (Non-RPC)
    13      open        udp       daytime (Non-RPC)
    13      open        tcp       daytime (Non-RPC)
    19      open        udp       chargen (Non-RPC)
    19      open        tcp       chargen (Non-RPC)
    21      open        tcp       ftp (Non-RPC)
    23      open        tcp       telnet (Non-RPC)
    25      open        tcp       smtp (Non-RPC)
    37      open        udp       time (Non-RPC)
    37      open        tcp       time (Non-RPC)
    42      open        udp       nameserver (Non-RPC)
    79      open        tcp       finger (Non-RPC)
    111     open        udp       sunrpc (portmapper V2-4)
    111     open        tcp       sunrpc (portmapper V2-4)
    32771   open        udp       (Non-RPC)
    32771   open        tcp       (status V1)
    32772   open        udp       (status V1)
    32772   open        tcp       (Non-RPC)
    32773   open        udp       (sadmind V10)
    32773   open        tcp       (ttdbserverd V1)
    32774   open        udp       (rquotad V1)
    32774   open        tcp       (Non-RPC)
    32775   open        udp       (rusersd V2-3)
    32775   open        tcp       (cachefsd V1)
    32776   open        udp       (sprayd V1)
    32776   open        tcp       (Non-RPC)
    32777   open        udp       (walld V1)
    32777   open        tcp       (cmsd V2-5)
    32778   open        udp       (rstatd V2-4)
    32779   open        udp       (cmsd V2-5)

    Nmap run completed -- 1 IP address (1 host up) scanned in 30 seconds
    amy#

I gave an explicit port list because UDP scanning takes _forever_ against Solaris :(. Look at all those juicy RPC services at the end -- count the root holes :).

Many thanks go to ga <ga () capyork com> for writing sample code to demonstrate the technique. The RPC services list included with nmap was compiled by Vik Bajaj <vbajaj () sas upenn edu> with help from various members of this list.

This version also contains many new and improved OS fingerprints. Thanks to everyone for keeping those coming in!

A few more changes:

** Fixed a problem that could cause freezes when you scan machines on at least two different types of interfaces as part of the same command.

** Identified and found workaround for Linux kernel bug which allows connect() to sometimes succeed inappropriately when scanning closed ports on localhost.

** Fixed problems relating to people who specify the same port more than once on the command line. While the right answer is "well, don't do that!", I decided to fix nmap to handle this gracefully.

** Tweaked UDP scanning to be more effective against Solaris ICMP error limiting.

** Fixed strtol() integer overflow problem found by Renaud Deraison <deraison () cvs nessus org>

** The HTML translation of the Man page at http://www.insecure.org/nmap/nmap_manpage.html should now be complete (man2html was dropping lines before).

** Added a note in the man page that Nmap 2.0+ is believed to be COMPLETELY Y2K COMPLIANT! I've been getting a lot of letters from lawyers about that recently. You should still be able to port scan on Jan 1st (well ... as long as you have electricity and gangs of looting thugs haven't stolen your computers :)

Please let me know if you guys find any problems! That is the purpose of beta releases after all.

Cheers,
Fyodor

--
Fyodor 'finger pgp () pgp insecure org | pgp -fka'
"The percentage of users running Windows NT Workstation 4.0 whose PCs stopped working more than once a month was less than half that of Windows 95 users."
-- microsoft.com/NTWorkstation/Basics/Features/Reliability/
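
Added example, not part of Fyodor's message or of Nmap itself: a small Python parser for the -sR output format shown in the session above, listing which RPC programs remain reachable on their own ports when only portmapper (port 111) is filtered. The function names are hypothetical, and the sample rows are a subset copied from the session in the message.

```python
import re

# Subset of the rows from the example session in the message above.
SAMPLE = """\
Port    State       Protocol  Service (RPC)
23      open        tcp       telnet (Non-RPC)
111     open        udp       sunrpc (portmapper V2-4)
32771   open        udp       (Non-RPC)
32771   open        tcp       (status V1)
32773   open        udp       (sadmind V10)
32773   open        tcp       (ttdbserverd V1)
32777   open        tcp       (cmsd V2-5)
32779   open        udp       (cmsd V2-5)
"""

# port, state, protocol, optional service name, then the "(...)" RPC column
ROW = re.compile(
    r"^(?P<port>\d+)\s+(?P<state>\S+)\s+(?P<proto>tcp|udp)\s+"
    r"(?P<service>[^\s(]+)?\s*\((?P<rpc>[^)]*)\)\s*$"
)
# "cmsd V2-5" or "status V1"; "Non-RPC" deliberately does not match
RPC = re.compile(r"^(?P<prog>\S+)\s+V(?P<lo>\d+)(?:-(?P<hi>\d+))?$")

def parse_rpc_scan(text):
    """Return one dict per port row; 'program' is None for non-RPC ports."""
    rows = []
    for line in text.splitlines():
        m = ROW.match(line.strip())
        if not m:
            continue  # header, banner and blank lines
        row = {"port": int(m["port"]), "proto": m["proto"], "state": m["state"],
               "service": m["service"], "program": None, "versions": None}
        r = RPC.match(m["rpc"])
        if r:
            lo = int(r["lo"])
            row["program"] = r["prog"]
            row["versions"] = (lo, int(r["hi"] or lo))
        rows.append(row)
    return rows

def reachable_without_portmapper(rows, portmapper_port=111):
    """Map RPC program -> endpoints still open if only port 111 is filtered."""
    exposed = {}
    for row in rows:
        if row["program"] and row["state"] == "open" and row["port"] != portmapper_port:
            exposed.setdefault(row["program"], []).append((row["port"], row["proto"]))
    return {prog: sorted(eps) for prog, eps in exposed.items()}

if __name__ == "__main__":
    for prog, eps in sorted(reachable_without_portmapper(parse_rpc_scan(SAMPLE)).items()):
        print(prog, ", ".join(f"{p}/{t}" for p, t in eps))
```

Each program listed needs its own filter rule or needs to be disabled; blocking port 111 alone leaves all of them reachable.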