Re: Nmap 4.21ALPHA2 released

[Alan Jones <alan () ajsquared us>]

Fyodor,

When I downloaded the Win32 versions (EXE & ZIP) I found all the file
dates were 12-12-2006 or earlier.

The file size for the nmap-os-db file was smaller in the downloads then
on http://insecure.org/nmap/data/ where the files were dated March 15, 2007.

Maybe I missed something but wanted to check....


As a side question you said you would distribute this more widely if
there were not big problems....

I don't know how long it would take to catch up on the OS and other
signatures, but would it be worth it to try and catch up before release
goes very far so people don't submit stuff you already have?  At the
same time I am sure the faster you get something new out with more
signatures it will also prevent people from sending stuff you have.



Fyodor wrote:
> Hello everyone.  I admit that I've been a bit lazy on new Alpha
> releases lately.  After all, who needs releases when anyone can just
> check out the SVN?  I suppose they still do have important value, so I
> am happy to release Nmap 4.21ALPHA2.  This releases has many important
> changes, including tons of new OS and service fingerprints and also
> traceroute support.  Please give it a whirl and report any problems to
> the list!  If I don't hear anything bad in the next couple of days,
> I'll start distributing it more widely.
>
> First, here are the goods:
>
> http://download.insecure.org/nmap/dist/nmap-4.21ALPHA2.tar.bz2
> http://download.insecure.org/nmap/dist/nmap-4.21ALPHA2-setup.exe
> http://download.insecure.org/nmap/dist/nmap-4.21ALPHA2-win32.zip
> http://download.insecure.org/nmap/dist/nmap-4.21ALPHA2-1.src.rpm
> http://download.insecure.org/nmap/dist/nmap-4.21ALPHA2-1.i386.rpm
> http://download.insecure.org/nmap/dist/nmap-frontend-4.21ALPHA2-1.i386.rpm
> http://download.insecure.org/nmap/dist/nmap-4.21ALPHA2-1.x86_64.rpm
> http://download.insecure.org/nmap/dist/nmap-frontend-4.21ALPHA2-1.x86_64.rpm
> http://download.insecure.org/nmap/dist/nmap-4.21ALPHA2.tgz 
>
> And here are the changes:
>
> o Performed a huge OS detection submission integration marathon.  More
>   than 500 submissions were processed, increasing the 2nd generation
>   OS DB size 65% to 381 fingerprints.  And many of the existing ones
>   were improved.  We still have a bit more than 500 submissions (sent
>   after January 16) to process.  Please keep those submissions coming!
>
> o Integrated all of your Q32006 service fingerprint submissions.  The
>   nmap-service-probe DB grew from 3,671 signatures representing 415
>   service protocols to 3,877 signatures representing 426 services.  Big
>   thanks to version detection czar Doug Hoyte for doing this.  Notable
>   changes are described at http://hcsw.org/blog.pl?a=20&b=20 .
>
> o Nmap now has traceroute support, thanks to an excellent patch by
>   Eddie Bell. The new system uses Nmap data to determine which sort of
>   packets are most likely to slip through the target network and
>   produce useful results.  The system is well optimized for speed and
>   bandwidth efficiency, and the clever output system avoids repeating
>   the same initial hops for each target system.  Enable this
>   functionality by specifying --traceroute.
>
> o Nmap now has a public Subversion (SVN) source code repository.  See
>   the announcement at http://seclists.org/nmap-dev/2006/q4/0253.html
>   and then the updated usage instructions at
>   http://seclists.org/nmap-dev/2006/q4/0281.html .
>
> o Fixed a major accuracy bug in gen1 OS detection (some debugging code
>   was accidentally left in).  Thanks to Richard van den Berg for finding
>   the problem.
>
> o Changed the IP protocol scan so that it sends proper IGMP headers when
>   scanning that protocol.  This makes it much more likely that the host
>   will respond, proving that it's "open".  [Kris]
>
> o Improved the algorithm for classifying the TCP timestamp frequency
>   for OS detection.  The new algorithm is described at
>   http://insecure.org/nmap/osdetect/osdetect-methods.html#osdetect-ts .
>
> o Fixed the way Nmap detects whether one of its data files (such as
>   nmap-services) exists and has permissions which allow it to be read.
>
> o Added a bunch of nmap-services port listings from Stephanie Wen.
>
> o Update IANA assignment IP list for random IP (-iR) generation.
>   Thanks to Kris Katterjohn for the patch.
>
> o Fix nmap.xsl (the transform for rendering Nmap XML results as HTML)
>   to fix some bugs related to OS detection output.  Thanks to Tom
>   Sellers for the patch.
>
> o Fixed a bug which prevented the --without-liblua compilation option
>   from working.  Thanks to Kris Katterjohn for the patch.
>
> o Fixed a bug which caused nmap --iflist to crash (and might have
>   caused crashes in other circumstances too).  Thanks to Kris
>   Katterjohn for the report and Diman Todorov for the fix.
>
> o Applied a bunch of code cleanup patches from Kris Katterjohn.
>
> o Some scan types were fixed when used against localhost. The UDP Scan
>   doesn't find it's own port, the TCP Scan won't print a message (with -d)
>   about an unexpected packet (for the same reason), and the IPProto Scan
>   won't list every port as "open" when using --data-length >= 8.  [Kris]
>
> o The IPProto Scan should be more accurate when scanning protocol 17 (UDP).
>   ICMP Port Unreachables are now checked for, and UDP is listed as "open"
>   if it receives one rather than "open|filtered" or "filtered".  [Kris]
>
> o The --scanflags option now also accepts "ECE", "CWR", "ALL" and "NONE" as
>   arguments.  [Kris]
>
> o The --packet-trace option was added to NmapFE.  The Ordered Ports (-r)
>   option in now available to non-root users on NmapFE as well.  [Kris]
>
> Enjoy!
> Fyodor
>
> _______________________________________________
> Sent through the nmap-dev mailing list
> http://cgi.insecure.org/mailman/listinfo/nmap-dev
> Archived at http://SecLists.Org
>
>
>   

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org