Nmap Announce mailing list archives
Nmap 3.30; Kids: don't try this at home!
From: Fyodor <fyodor () insecure org>
Date: Sun, 29 Jun 2003 23:34:43 -0700
-----BEGIN PGP SIGNED MESSAGE----- Hello everyone, I have decided to start with a public service announcement. The British Computer Society and Scotland Yard Computer Crime Unit have analyzed the Matrix:Reloaded and put forth the following warning for young viewers: "Viewers of the new box office blockbuster Matrix Reloaded should not be tempted to emulate the realistic depiction of computer hacking, warns the British Computer Society (BCS). Many computer experts are sufficiently concerned over the accuracy of some of the computing scenes in the film to alert young computing enthusiasts of the illegality of hacking and of the tough prison sentences that are now being handed out to perpetrators of this serious crime.... Although Hollywood likes to glamorise hacking, and this movie would appear to be more accurate than many by showing the use of actual network mapping software, it should not be as simple as it can be made to appear." -- http://www1.bcs.org.uk/DocsRepository/04900/4992/matrix.htm And speaking of actual network mapping software, I am pleased to announce the release of Nmap 3.30. This release offers substantial OS detection improvements. In particular, it includes the biggest fingerprint update ever (thanks for all the submissions!). It also includes a brand new OS classification scheme, and I have made Nmap more willing to guess the OS when no exact match is found. And while I was working on OS fingerprinting, Peter Marschall sent me another huge NmapFE patch that dramatically improves this X-Window GUI interface to Nmap. Here are the full details from the CHANGELOG: o Implemented the largest-ever OS fingerprint update! Roughly 300 fingerprints were added/modified. These massive changes span the gamut from AIX 5.1 to the ZyXEL Prestige broadband router line. Notable updates include OpenBSD 3.3, FreeBSD 5.1, Mac OS X 10.2.6, Windows 2003 server, and more WAPs and broadband routers than you can shake a stick at. Someone even submitted a fingerprint for Debian Linux running on the Microsoft Xbox. You have to love that irony :). Thanks to everyone who submitted fingerprints using the URL Nmap gives you when it gets a clean reading but is stumped. The fingerprint DB now contains almost 1000 fingerprints. o Went through every one of the fingerprints to normalize the descriptions a bit. I also looked up what all of the devices are (thanks E*Bay and Google!). Results like "Nexland ISB Pro800 Turbo" and "Siemens 300E Release 6.5" are much more useful when you add the words "cable modem" and "business phone system" o Added a new classification system to nmap-os-fingerprints. In addition to the standard text description, each entry is now classified by vendor name (e.g. Sun), underlying OS (e.g. Solaris), OS generation (e.g. 7), and device type ("general purpose", router, switch, game console, etc). This can be useful if you want to (say) locate and eliminate the SCO systems on a network, or find the wireless access points (WAPs) by scanning from the wired side. o Classification system described above is now used to print out a "device type" line and OS categories for matches. The free-form English details are still printed as well. Nmap can sometimes provide classifications even where it used to provide nothing because of "too many matches". These have been added to XML output as well. They are not printed for the "grepable output", as I consider that format deprecated. o Nmap will now sometimes guess in the "no exact matches" case, even if you don't use the secret --osscan_guess or -fuzzy options. o Applied another huge NmapFE patch from Peter Marschall (peter(a)adpm.de). This revamps the interface to use a tabbed format that allows for many more Nmap options to be used. It also cleans up some crufty parts of the code. Let me and Peter know what you think (and if you encounter any problems). o Windows and Amiga ports now use packet receive times from libpcap. Let me know if you get any "time computation problem" errors. o Updated version of the Russian man page translation from Alex Volkov (alex(a)cherepovets-city.ru). For those of you running Linux/x86 w/a recent version of rpm (www.rpm.org), you can install/upgrade to the newest version of nmap/nmapfe by executing these commands as root: rpm -vhU (nmap url) where (nmap url) is one (or both) of these: http://download.insecure.org/nmap/dist/nmap-3.30-1.i386.rpm http://download.insecure.org/nmap/dist/nmap-frontend-3.30-1.i386.rpm For the rest of you, source tarballs and source RPMs are always available at: http://www.insecure.org/nmap/nmap_download.html . That page also notes sources of binary packages for common operating systems. For the more paranoid (smart) members of the list, here are the md5 hashes: b1f82b9114c63c35acde515acf928ccc nmap-3.30-1.i386.rpm 639fc1c91f48319eca97401e74f9c90e nmap-3.30.tar.bz2 7790fdc81dd8071abaa53f21f874ce12 nmap-3.30.tgz ec4b4f563488eef4ae4abd0f79f5ac83 nmap-3.30-win32.zip 806420a1a8b8a118f42dc519fce3bcb2 nmap-frontend-3.30-1.i386.rpm These release notes should be signed with my PGP key, which is available at http://www.insecure.org/fyodor_gpgkey.txt . The key fingerprint is: 97 2F 93 AB 9C B0 09 80 D9 51 40 6B B9 BC E1 7E Cheers, Fyodor -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org iQCVAwUBPv/ZR84dPqJTWH2VAQFt1gP/XuhvDlFGsrvIaSZw3J9TWm4NFneDjajV GzyFEbMRCvoxlonCaKxTzHYaEdcP3LczmH+gyqHHwz1rfAIx+ejGQxv8RbwCH53B P/XvVX9O+/ILDkF48MgWaNDXKyv5yEXlg7h24IM4LabKpRiQeg2zp5FDvOV28yfa +hp0oO9DEMI= =7Duy -----END PGP SIGNATURE----- -------------------------------------------------- For help using this (nmap-hackers) mailing list, send a blank email to nmap-hackers-help () insecure org . List run by ezmlm-idx (www.ezmlm.org).
Current thread:
- Nmap 3.30; Kids: don't try this at home! Fyodor (Jun 29)