Re: Nmap 4.85BETA7 Released!

[henry.nymann () valeosylvania com]

David Fifield <david () bamsoftware com> wrote on 04/02/2009 10:31:17 AM:

> On Thu, Apr 02, 2009 at 10:25:48AM -0400, henry.
> nymann () valeosylvania com wrote:
> > David Fifield <david () bamsoftware com> wrote on 04/02/2009 10:02:43 AM:
> > > > > > I downloaded and tried the new beta 7 version this
> morning. Specifically,
> > > > > > I'm running it on a Windows 2003 SP2 server, and I
> uninstalled beta 6
> > > > > > first.  However, I am not getting the new messages that this
e-mail
> > > > > > references, so does that mean something did not update
> correctly on my
> > > > > > server?  Doing a "Help | About" confirms the beta 7 version.
> > >
> > > If you are getting the longer error messages, then the script is
working
> > > like it is supposed to. Unfortunately the error messages could be
from a
> > > variety of causes and the script can't differentiate between all of
> > > them. For NT_STATUS_OBJECT_NAME_NOT_FOUND for example, if the remote
> > > operating system is not Windows, then it is not infected. But it
could
> > > be that the service required to do detection (the "browser service")
has
> > > crashed, and then you can't test infection remotely. You will have to
> > > find that computer and check it locally.
> >
> > I'll show you a portion of the output I am getting so that things are
> > clear.
> >
> > Host vls-sey-w01411.seymour.vls.valeo (10.106.17.83) is up, received
> > user-set (0.020s latency).
> > Scanned at 2009-04-02 08:58:18 Eastern Daylight Time for 1s
> > Interesting ports on vls-sey-w01411.seymour.vls.valeo (10.106.17.83):
> > PORT    STATE SERVICE      REASON
> > 445/tcp open  microsoft-ds syn-ack
> >
> > Host script results:
> > |  smb-check-vulns:
> > |  MS08-067: Check disabled (remove 'safe=1' argument to run)
> > |  Conficker: NT_STATUS_OBJECT_NAME_NOT_FOUND
> > |_ regsvc DoS: Check disabled (add --script-args=unsafe=1 to run)
> > Final times for host: srtt: 20000 rttvar: 20000  to: 100000
>
> Okay, that output looks like it is still from 4.85BETA6. It is possible
> that you have the BETA7 of Zenmap installed but only the BETA6 of Nmap.
> Try running
>    nmap --version
> You should be able to do that within Zenmap. If it says something before
> 4.85BETA7, then you will have to find where the old version is installed
> and remove it.
>
> David Fifield

I did that, both in zenmap and via a command prompt, just to be sure, and
both respond with "Nmap version 4.85BETA7".

However, the change was made to a script, is there a way to tell the
"version" of a script?

Henry Nymann
This e-mail message is intended only for the use of the intended recipient(s).
The information contained therein may be confidential or privileged, and its disclosure or reproduction is strictly 
prohibited.
If you are not the intended recipient, please return it immediately to its sender at the above address and destroy it. 

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org