Nmap Announce mailing list archives
Re: Nmap 2.30BETA20 Released
From: Andrew Brown <atatat () atatdot net>
Date: Thu, 20 Apr 2000 19:21:31 -0400
I am pleased to announce that Nmap 2.30BETA20 has been released. It contains a few bugfixes and is a stable release candidate. I plan to release the next stable version within a week. It may just be 2.30BETA20 with the version number changed. So try it out and let me know if you find any problems.
hopefully you're not too close to actually cutting the release that you can't roll in one nifty new feature. attached is a patch that allows nmap to detect cisco equipment in a way similar to a syn scan. here's a demo:

# ./nmap -sC 204.17.3.0/24
Starting nmap V. 2.30BETA20 by fyodor () insecure org ( www.insecure.org/nmap/ )
Host (204.17.3.0) seems to be a subnet broadcast address (returned 25 extra pings). Still scanning it.
Host (204.17.3.1) appears to be a cisco.
Host (204.17.3.47) appears to be a cisco.
Host (204.17.3.255) seems to be a subnet broadcast address (returned 25 extra pings). Still scanning it.
Nmap run completed -- 256 IP addresses (68 hosts up) scanned in 7 seconds

i mainly hacked it in around the syn scan code, but with only one port in mind: 1999/tcp. ciscos will usually not have any processes listening on this port and will respond with the expected reset packet. the trick is that ciscos put six bytes of data (that are not accounted for in the ip packet length or tcp data length numbers) at the end of the reset packet that say "cisco\0".

there's also a small patch to services.c to ignore a couple of protocol types sometimes found in /etc/services that nmap doesn't handle (reducing the number of complaints when running it with a few -d's).

i'd also like to suggest that you distribute the "massive" services file that i've been maintaining for a year or so at http://www.graffiti.com/services as the nmap-services file. it's basically a large merge of the iana port-numbers list and the services files from solaris, the bsds, a few linuxes, and some submissions i've gotten, giving a really nice big list. it's really good for scanning *everything*. :)

--
|-----< "CODE WARRIOR" >-----|
codewarrior () daemon org * "ah! i see you have the internet
twofsonet () graffiti com (Andrew Brown) that goes *ping*!"
andrew () crossbar com * "information is power -- share the wealth."
Attachment:
nmap-2.30BETA20.patch
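
Added example, not part of the post or of the attached patch: a C check that can be run over captured reset packets to see whether a device leaks the trailer described above. The function names and the sample packet are constructed for illustration; the buffer is assumed to start at the IPv4 header of an unfragmented packet.

```c
#include <stdio.h>
#include <string.h>

/* Constructed sample, starting at the IP header: IPv4 + TCP RST/ACK from
 * port 1999, IP total length 40 (checksums left zero), then six bytes that
 * neither the IP length nor the TCP header accounts for. */
static const unsigned char SAMPLE_CISCO[] = {
    0x45,0x00,0x00,0x28, 0x00,0x00,0x00,0x00, 0xff,0x06,0x00,0x00,
    192,0,2,1, 192,0,2,2,
    0x07,0xcf,0xc0,0x00, 0,0,0,0, 0,0,0,1,
    0x50,0x14,0x00,0x00, 0,0,0,0,
    'c','i','s','c','o',0x00
};

/* Number of captured bytes after the IPv4 datagram when pkt is a TCP RST,
 * or -1 if pkt is not a complete IPv4 TCP segment with RST set. */
int rst_trailer_len(const unsigned char *pkt, size_t caplen)
{
    if (caplen < 20 || (pkt[0] >> 4) != 4) return -1;
    size_t ihl = (size_t)(pkt[0] & 0x0f) * 4;
    size_t iplen = ((size_t)pkt[2] << 8) | pkt[3];
    if (ihl < 20 || pkt[9] != 6) return -1;            /* protocol 6 = TCP */
    if (iplen < ihl + 20 || iplen > caplen) return -1; /* truncated or bogus */
    if (!(pkt[ihl + 13] & 0x04)) return -1;            /* RST flag not set */
    return (int)(caplen - iplen);
}

/* 1 if the RST carries exactly the six trailing bytes "cisco\0", else 0.
 * Other senders may leave link-layer padding here, so match the content. */
int has_cisco_trailer(const unsigned char *pkt, size_t caplen)
{
    static const unsigned char tag[6] = { 'c','i','s','c','o',0 };
    if (rst_trailer_len(pkt, caplen) != 6) return 0;
    size_t iplen = ((size_t)pkt[2] << 8) | pkt[3];
    return memcmp(pkt + iplen, tag, 6) == 0;
}

int main(void)
{
    printf("trailer bytes: %d\n", rst_trailer_len(SAMPLE_CISCO, sizeof SAMPLE_CISCO));
    printf("cisco trailer: %d\n", has_cisco_trailer(SAMPLE_CISCO, sizeof SAMPLE_CISCO));
    return 0;
}
```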