Nmap Development mailing list archives
Nmap 4.20ALPHA9: OS detection improvements, and new features
From: Fyodor <fyodor () insecure org>
Date: Fri, 13 Oct 2006 23:45:26 -0700
Hi Everyone. I am pleased to announce Nmap 4.20ALPHA9, which has 27% more OS signatures and other improvements. For example, I put in an --open flag which only shows open (or possibly open) ports, for those times you only care about ports you can connect to. People have been requesting that feature for years. Big thanks to everyone who submitted OS fingerprints! Please keep them coming, as the DB still has a long way to grow. If enough of you submit, we will be able to break into triple-digit signature numbers for the next release. Here is where we stand now: Synscan (0.1): 25 signatures Nmap Gen2 (4.20ALPHA9): 71 signatures SinFP (2.02): about 100 signatures Xprobe2 (0.3): 225 signatures Nmap Gen1 (4.20ALPHA9): 1,684 signatures Besides submitting new signatures, corrections are also quite helpful. I have added fingerprint correction instructions (it is very easy) to http://insecure.org/nmap/submit/ . Here are the changes in 4.20ALPHA9: o Integrated the newly submitted OS fingerprints. The DB now contains 71 fingerprints, up 27% from 56 in ALPHA8. Please keep them coming! We still only have 4.2% as many fingerprints as the gen1 database. o Added the --open option, which causes Nmap to show only open ports. Ports in the states "open|closed" and "unfiltered" might be open, so those are shown unless the host has an overwhelming number of them. o Nmap gen2 OS detection used to always do 2 retries if it fails to find a match. Now it normally does just 1 retry, but does 4 retries if conditions are good enough to warrant fingerprint submission. This should speed things up on average. A new --max-os-tries option lets you specify a higher lower maximum number of tries. o Added --unprivileged option, which is the opposite of --privileged. It tells Nmap to treat the user as lacking network raw socket and sniffing privileges. This is useful for testing, debugging, or when the raw network functionality of your operating system is somehow broken. o Fixed a confusing error message which occured when you specified a ping scan or list scan, but also specified -p (which is only used for port scans). Thanks to Thomas Buchanan for the patch. o Applied some small cleanup patches from Kris Katterjohn And here are the goods: http://download.insecure.org/nmap/dist/nmap-4.20ALPHA9.tar.bz2 http://download.insecure.org/nmap/dist/nmap-4.20ALPHA9-setup.exe http://download.insecure.org/nmap/dist/nmap-4.20ALPHA9-win32.zip http://download.insecure.org/nmap/dist/nmap-4.20ALPHA9-1.src.rpm http://download.insecure.org/nmap/dist/nmap-4.20ALPHA9-1.i386.rpm http://download.insecure.org/nmap/dist/nmap-frontend-4.20ALPHA9-1.i386.rpm http://download.insecure.org/nmap/dist/nmap-4.20ALPHA9-1.x86_64.rpm http://download.insecure.org/nmap/dist/nmap-frontend-4.20ALPHA9-1.x86_64.rpm http://download.insecure.org/nmap/dist/nmap-4.20ALPHA9.tgz Please let nmap-dev know if you encounter any problems! Cheers, Fyodor _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- Nmap 4.20ALPHA9: OS detection improvements, and new features Fyodor (Oct 13)