Lots of Nmap News

[Fyodor <fyodor () insecure org>]

Hi All.  I feel derelict for failing to post any Nmap news to this
nmap-hackers list in the last four months, but you can rest assured
that we've been busy on the project!  For example, there have been
1,181 posts on the nmap-dev list (not all from me) since my March
nmap-hackers announcements.  So you can always join that if you want a
constant flood of Nmap news :).  There have also been several stable
Nmap releases since that time, great news on the Nmap book project,
web site improvements, Google SoC success stories, and much more!

In this mail, I describe the most important general Nmap and
Insecure.Org news, while the next email will introduce Nmap 4.68 and
125 of its most important enhancements since March.

==Black Hat and Defcon Presentations==

I will be speaking next week in Las Vegas at the Black Hat Briefings
in the first speaking slot (10AM Wednesday the 6th) and then at Defcon
on Friday the 8th (4PM).  My talk discusses the results of large-scale
Internet scans I've been conducting, and demonstrates how you can use
the empirical data to make your scans (over the Internet or even
internal) more efficient.  I also plan to show off new and
poorly-understand features which can help you bypass firewall
restrictions, reduce scan times, and gather more information about
remote hosts.

Preparing for this presentation required scanning millions of hosts
and got me into minor trouble with my ISP and also with the
U.S. Department of Defense Joint Task Force for Global Network
Operations.  Apparently they don't like people scanning their
sensitive military installations.  But if they are so sensitive, maybe
they shouldn't be on the Internet in the first place.  Anyway, when
you see the new Nmap features this data enables, I hope you'll agree
that it was worth ruffling some feathers :).

==Nmap Network Scanning book==

Most of you know that I've been working for years on a comprehensive
guide to Nmap and network/security scanning.  I'm happy to report that
the book is almost done!  Here is the marketing blurb:

  "From port scanning basics for novices to the type of packet
   crafting used by advanced hackers, this book suits all levels of
   security and networking professionals. Rather than simply document
   what every Nmap option does, Nmap Network Scanning demonstrates how
   these features can be applied to solve real world tasks such as
   penetration testing, taking network inventory, detecting rogue
   wireless access points or open proxies, quashing network worm and
   virus outbreaks, and much more. Examples and diagrams show actual
   communication on the wire. This book is essential for anyone who
   needs to get the most out of Nmap, particularly security auditors
   and systems or network administrators."

I plan to do the official release in mid/late September, but I've
printed up 75 pre-release copies each for Black Hat and Defcon.  The
Black Hat copies will be available at the Black Hat Bookstore starting
on Tuesday evening or Wednesday morning.  At Defcon the books will be
sold by Bill Pollock at his No Starch Press table in the vendor area
(starting at 10AM Friday).  I'm planning to do a signing right after
my Black Hat talk in the bookstore, and right after my Defcon talk in
either the QA room or the No Starch booth.  But the trick to get a
book before they sell out will probably be to pick it up _before_ my
talks, and then you can bring the copy to the signing.  More than
7,000 people are expected at Defcon, so 75 books may not last long.

You can find a lot more about the book online:

Description and pictures: http://nmap.org/book/

Defcon pre-release table of contents: http://nmap.org/book/toc.pdf

Acknowledging the dozens of people who helped make this happen:
http://nmap.org/book/acknowledgements.html

If you'd like to see a sample chapter, you have plenty to choose from!
About half of the book is already online at:
http://nmap.org/book/toc.html

==Mac OS X Nmap/Zenmap Installer==

A native Mac OS X installer for Nmap and the Zenmap GUI is now
available from the Nmap download page (http://nmap.org/download.html).
We plan to create these for each new release now, just as we do with
the Linux RPMs and the Windows installer.  Installation is
straightforward, but detailed instructions are available anyway at
http://nmap.org/book/inst-macosx.html .  As a universal installer, it
works on both Intel and PPC Macs. It is distributed as a disk image
file (.dmg) containing an mpkg package.  OpenSSL is supported, and it
also supports Authorization Services so that Zenmap can run as root.
Thanks to David Fifield for all his hard work in creating this!

==Mailing list RSS Feed Improvements==

The nmap-dev and nmap-hackers mailing list RSS feeds at SecLists.Org
now include message excerpts to make it easier to identify interesting
messages and speed the process of reading through the list.  Feeds for
Bugtraq, Full Disclosure, Security Basics, Pen-Test, and all other
mailing lists archived at http://seclists.org have been similarly
augmented.  For details, see
http://seclists.org/nmap-dev/2008/q2/0333.html .

==Google Summer of Code==

Seven Google-sponsored Summer of Code students are spending the summer
working full time on exciting Nmap projects.  The winning students and
their Nmap development projects are showcased at
http://seclists.org/nmap-dev/2008/q2/0132.html .  All of them have
already written code which has been integrated into Nmap, and they
still have several weeks of work left.

==Nmap's 7th Movie==

To end on a fun note, Nmap recently appeared in its seventh movie--the
acclaimed Thai thriller "13: Game of Death".  This movie follows the
story of a man given the chance to complete 13 challenges to win $100
million. Successive challenges become increasingly intense, dangerous,
and illegal.  What would you do for $100 million?

I posted a video clip and screenshots yesterday to the Nmap movies
page:

http://nmap.org/movies.html

==New Nmap Releases==

Nmap has so many new features and improvements that they deserve their
own email.  I'll send it shortly!

I look forward to seeing many of you next week at Black Hat and
Defcon!

Cheers,
Fyodor
_______________________________________________
Sent through the nmap-hackers mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-hackers
Archived at http://seclists.org