Nmap Announce mailing list archives
Nmap News: GoDaddy, 4.21ALPHA4, Google SoC, Training, and More
From: Fyodor <fyodor () insecure org>
Date: Wed, 21 Mar 2007 15:26:50 -0700
Hello everyone! While I haven't posted here in almost two months, Nmap development continues full speed ahead! In fact, there is so much news that I am sending this mail in digest format rather than flood your emailboxes with separate messages. CONTENTS: o GoDaddy Redux o New Nmap release: 4.21ALPHA4 o Nmap participating in Google Summer of Code '07: Application deadline is March 26 o Fyodor and James "Professor" Messer giving Nmap training classes at CanSecWest on April 17. o James "Professor" Messer offering another free webinar, and has also released video Nmap training course. o Michael Crook apologizes on video for trying to shut us down ================= ==GoDaddy Redux== ================= You guys must recall my last email about GoDaddy shutting down SecLists.Org at the behest of MySpace. After hours on the phone trying (and failing) to get them to provide a reason for the shutdown or to restore the site, I threatened to tell all my friends how they had treated me. They just laughed me off, but perhaps they didn't realize that I have more than 50,000 friends on nmap-hackers :). They weren't laughing the next day when the story was on News.Com, Wired, Slashdot, Digg, SecurityFocus, Info World, and hundreds of other articles and blogs. Thanks for spreading the word! In the News.Com article, Godaddy was asked to explain themselves. This is where they could have apologized and promised to be more careful in the future. Instead, GoDaddy general counsel Christine Jones “pointed out that GoDaddy's terms of service say the company 'reserves the right to terminate your access to the services at any time, without notice, for any reason whatsoever.'” In that same article, Jones refuses to rule out suspending a site such as News.Com if a reader posts illegal information in a discussion forum. After I started hearing of many similar GoDaddy horror stories, I decided to put up a site warning others not to use GoDaddy. The domain of my dreams for this was taken, but on a whim I wrote the owner with a cash offer. As luck would have it, the owner had been mistreated by GD in the past, so he refused payment and transferred to domain to me for free! The site is live at: http://NoDaddy.Com And volunteer Rohan Sheth has set up forums (more than 120 posts already) at: http://forums.nodaddy.com/ I am also happy to report that my most important domains (insecure.org, seclists.org, etc.) have been transferred to better registrars. ================================ ==New Nmap release: 4.21ALPHA4== ================================ While there hasn't been a "stable" Nmap release since 4.20 in December, we have been active in the Alpha series on nmap-dev. I just released 4.21ALPHA4 yesterday, and it is the first one I am comfortable placing on the Nmap download page. Thanks to all of your submissions, its 2nd generation OS detection database has grown 81%, and the version detection DB has grown substantially as well. It also includes many bug fixes and experimental support for the Nmap Scripting Engine and advanced tracerouting. Give it a try! Copies are available at http://insecure.org/nmap/download.html . ==Nmap participating in Google Summer of Code '07== After the program was a huge success for Nmap in 2005 and 2006, I'm delighted to report that Nmap has been accepted again into Google's Summer of Code program! So Google will be paying students (high school, university, and grad school) to spend their summer hacking Nmap with myself and some other Nmap developers as mentors! Many of Nmap's coolest features were implemented as part of this program. Examples are the 2nd generation OS detection system, the Nmap Scripting Engine, and the runtime interaction feature which (among other things) gives you time estimates when you press enter. One of the biggest successes of the program was Adriano Monteiro's UMIT graphical interface and results viewer for Nmap. After developing the program under Nmap SoC in '05 and '06, he has been accepted to run it as his own independent program for SoC '07. Congratulations, Adriano! So if you are a student, do consider applying. I have posted much more information and project ideas here: http://insecure.org/nmap/GoogleGrants.html Keep in mind that the deadline for applications is Monday, March 26 at 5:00PM Google (Pacific) time! If you think you might apply, consider joining in the discussion on the Nmap SoC mailing list: http://cgi.insecure.org/mailman/listinfo/soc ================================================================== ==Fyodor and James "Professor" Messer giving Nmap training class== ================================================================== In 2005 and 2006 I gave Nmap training courses at the "Security Masters' Dojo" which precedes CanSecWest in Vancouver B.C. I'm pleased to report that I'll be doing it again this year, and even more pleased to report that Jamess "Professor" Messer has agreed to co-instruct it with me. These are hands-on all day courses, so you need to bring a laptop with Nmap 4.21ALPHA installed. To keep things focused and interactive, the two classes are limited to 10 people each. The April 16 class somehow sold out before I even had a chance to send this announcement. There are still some seats remaining for the April 17 class, so get them while they're hot: http://cansecwest.com/dojorecon.html Right after the dojos is the CanSecWest conference proper, which is always a good one. The speaker list was recently posted at: http://cansecwest.com/speakers.html ====================================================================== ==James "Professor" Messer offering Nmap webinar and training course== ====================================================================== James tells me that his last webinar (posted to this list) had more than a thousand registrants! So he is doing another free webinar, with this one being an "Introduction to Nmap" on April 5. Sign up at: http://www.ProfessorMesser.com/nmapwebinar/ He has also launched a video Nmap training course ($197) called Nmap Secrets, which is great if you don't have time or funds to fly up to Vancouver and see us in person: http://www.professormesser.com/nmap-secrets/ ======================================================= ==Michael Crook apologizes for trying to shut us down== ======================================================= You may recall that wacko who mailed my hosting provider claiming (without any evidence) that a picture on seclists.org was child porn and threatened to contact the FBI. Then when that didn't work, he sent a bogus DMCA complaint claiming under penalty of perjury that he owned the copyright in the picture! More details are at http://seclists.org/nmap-dev/2007/q1/0067.html . This guy had been sending many other bogus DMCA complaints to other parties, and he finally got smacked down by the EFF! As a settlement of their lawsuit against him, Crook agreed to withdraw the bogus complaints, take a copyright law course, and post a video apology. That apology is here: http://10zm.blip.tv/file/169553/ I think it is time that GoDaddy CEO Bob Parsons and General Counsel Christina Jones post a similar video apology for wrongfully taking down so many sites (not just mine), but I'm not holding my breath. Cheers, Fyodor _______________________________________________ Sent through the nmap-hackers mailing list http://cgi.insecure.org/mailman/listinfo/nmap-hackers Archived at http://seclists.org
Current thread:
- Nmap News: GoDaddy, 4.21ALPHA4, Google SoC, Training, and More Fyodor (Mar 21)