Diet Nmap (3.94ALPHA2)

[Fyodor <fyodor () insecure org>]

Developers,

It is great that Nmap has had a long (more than 8 years), happy, and
successful existence.  But it hasn't escaped my notice that with all
of its new capabilities, Nmap has grown larger around the waist.
65K-port scans of many hosts can now take an unacceptable amount of
RAM.  I want Nmap to work on your Zaurus PDA, not to require an
expensive new computer.  So I spent this weekend putting Nmap on a
diet, and the result is 3.94ALPHA2.  Don't expect dramatic changes on
a simple "nmap localhost", but you should see a huge decrease in
memory consumption when you scan your whole company, especially if you
scan tens of thousands of ports on each machine and use -P0.  This can
make Nmap a little faster as well.

The downside is that changing all of these core Nmap data structures
and algorithms is dangerous business.  Please let me know if you find
anything broken.  You can get the goods here:

http://download.insecure.org/nmap/dist/nmap-3.94ALPHA2.tar.bz2
http://download.insecure.org/nmap/dist/nmap-3.94ALPHA2.tgz
http://download.insecure.org/nmap/dist/nmap-3.94ALPHA2-1.src.rpm
http://download.insecure.org/nmap/dist/nmap-3.94ALPHA2-1.x86_64.rpm

If there aren't any major problem reports in the next couple of days,
I'll probably post Windows binaries as well.

Here is the detailed list of changes since 3.94ALPHA1 last week:

o Put Nmap on a diet, with changes to the core port scanning routine
  (ultra_scan) to substantially reduce memory consumption, particularly
  when tens of thousands of ports are scanned.

o Fixed a problem with the -S and option on Windows reporting "Failed
  to resolve/decode supposed IPv4 source address".  The -D (decoy)
  option was probably broken on that platform too.  Thanks to kx
  (kxmail(a)gmail.com) for reporting the problem and tracking down a
  potential solution.

o Better handle ICMP type 3, code 0 (network unreachable) responses to
  port scan packets.  These are rarely seen when scanning hosts that
  are actually online, but are still worth handling.

o Applied some small fixes so that Nmap compiles with Visual C++
  2005 Express, which is free from Microsoft at
  http://msdn.microsoft.com/vstudio/express/visualc/ .  Thanks to kx
  (kxmail(a)gmail.com) and Sina Bahram (sbahram(a)nc.rr.com)

o Removed foreign translations of the old man page from the
  distribution.  Included the following contributed translations
  (nroff format) of the new man page:
    Brazilian Portuguese by Lucien Raven (lucienraven(a)yahoo.com.br)
    Portuguese (Portugal) by José Domingos (jd_pt(a)yahoo.com) and 
                             Andreia Gaita (shana.ufie(a)gmail.com).

o Added --thc option (undocumented)

o Modified libdnet-stripped/src/eth-bsd.c to allow for up to 128 bpf
  devices rather than 32.  This prevents errors like "Failed to open
  ethernet interface (fxp0)" when there are more than 32 interface
  aliases.  Thanks to Krok (krok(a)void.ru) for reporting the problem
  and even sending a patch.

Cheers,
Fyodor


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev