mirror of
https://github.com/nmap/nmap.git
synced 2026-01-25 23:59:01 +00:00
OK, I think CHANGELOG is finally ready to go. This is another monster release!
This commit is contained in:
fyodor
46
CHANGELOG
46
CHANGELOG
@@ -2,11 +2,11 @@
|
||||
|
||||
Nmap 4.85BETA10 [2009-06-12]
|
||||
|
||||
o The host discovery (ping probe) defaults have been enahanced to
|
||||
o The host discovery (ping probe) defaults have been enhanced to
|
||||
include twice as many probes. The default is now "-PE -PS443 -PA80
|
||||
-PP". In exhaustive testing of 90 different probes, this emerged as
|
||||
the best four-probe combination, finding 14% more Internet hosts
|
||||
than the previous default, "-PE -PA80". The default for nonroot
|
||||
than the previous default, "-PE -PA80". The default for non-root
|
||||
users is -PS80,443, replacing the previous default of -PS80. In
|
||||
addition, ping probes are now sent in order of effectiveness (-PE
|
||||
first) so that less effective probes may not have to be sent. ARP
|
||||
@@ -34,24 +34,24 @@ o Added SCTP port scanning support to Nmap. SCTP is a layer 4 protocol
|
||||
Part of the work on SCTP support was kindly sponsored by
|
||||
Compass Security AG, Switzerland. [Daniel Roethlisberger]
|
||||
|
||||
o [NSE] Added the new script http-iis-webdav-vuln.nse, which detects
|
||||
the recently discovered WebDAV unicode bug in MS IIS 5.1/6.0 web
|
||||
server which can allow arbitrary users to access password protected
|
||||
folders without authentication. See
|
||||
o [NSE] Added http-iis-webdav-vuln.nse, which detects the recently
|
||||
discovered WebDAV unicode bug in MS IIS 5.1/6.0 web server which can
|
||||
allow arbitrary users to access password protected folders without
|
||||
authentication. See
|
||||
http://nmap.org/svn/scripts/http-iis-webdav-vuln.nse. [Ron]
|
||||
|
||||
o The Nmap Reference Guide has been translated to German by Open
|
||||
Source Press and Indonesian by Tedi Heriyanto. You can now read it
|
||||
in 16 langauges at http://nmap.org/docs.html. We're always looking
|
||||
for more translations of Nmap and it's documentation--see
|
||||
http://seclists.org/nmap-dev/2009/q2/0667.html if you'd like to help.
|
||||
in 16 languages at http://nmap.org/docs.html. We're always looking
|
||||
for more translations of Nmap and it's documentation--if you'd like
|
||||
to help, see http://seclists.org/nmap-dev/2009/q2/0667.html.
|
||||
|
||||
o Open Source Press completed and released the German translation of
|
||||
the official Nmap book (Nmap Network Scanning). Learn more at
|
||||
http://nmap.org/book/#translations.
|
||||
|
||||
o [NSE] Added the script socks-open-proxy.nse for scanning networks
|
||||
for open SOCKS proxy servers. See
|
||||
o [NSE] Added socks-open-proxy.nse for scanning networks for open
|
||||
SOCKS proxy servers. See
|
||||
http://nmap.org/nsedoc/scripts/socks-open-proxy.html. [Joao Correa]
|
||||
|
||||
o [NSE] http-open-proxy.nse has been updated to attempt HEAD and
|
||||
@@ -87,12 +87,12 @@ o Ncat handling of newlines on Windows has been improved. CRLF is
|
||||
|
||||
o Nmap RPM packages (x86 and x86-64) are now built with OpenSSL
|
||||
support (statically linked in to avoid dependencies). They are also
|
||||
now built on CentOS 5.3 for compatability with RHEL, Fedora, and
|
||||
now built on CentOS 5.3 for compatibility with RHEL, Fedora, and
|
||||
other distributions. Please let us know if you discover any
|
||||
compatability problems (or other issues) with the new RPMs. [Fyodor]
|
||||
compatibility problems (or other issues) with the new RPMs. [Fyodor]
|
||||
|
||||
o [Zenmap] The Topology tab now has a "Save Graphic" button that
|
||||
allows saving the current topology display as a PNG, PostScript,
|
||||
allows saving the current topology display as a PNG, postscript,
|
||||
PDF, and SVG image. [Joao Medeiros, David]
|
||||
|
||||
o Changed the default UDP ping (-PU) port from 31338 to 40125. This
|
||||
@@ -121,7 +121,7 @@ o Ncat can now send SSL certificates in connect mode for client
|
||||
server. [Venkat]
|
||||
|
||||
o Nmap can now handle -SP and -SA at the same time when running nmap
|
||||
as nonroot or using IPv6. It now combines the two port lists [Josh
|
||||
as non-root or using IPv6. It now combines the two port lists [Josh
|
||||
Marlow]
|
||||
|
||||
o [Ncat] SSL in listen mode now works on systems like BSD in which a
|
||||
@@ -135,7 +135,7 @@ o The --packet-trace/--version-trace options now shows the names of
|
||||
o The GPG detached signatures for Nmap releases now use the more
|
||||
standard .asc extension rather than .gpg.txt. They can still be
|
||||
found at http://nmap.org/dist/sigs/ and the .gpg.txt versions for
|
||||
previous releases are still available for compatability reasons. For
|
||||
previous releases are still available for compatibility reasons. For
|
||||
instructions on verifying Nmap package integrity, see
|
||||
http://nmap.org/book/install.html#inst-integrity. [Fyodor]
|
||||
|
||||
@@ -190,9 +190,9 @@ o [NSE[ Fixed the parsing of --script-args, which was only accepting
|
||||
http://seclists.org/nmap-dev/2009/q2/0211.html. [Patrick]
|
||||
|
||||
o [NSE] When a script ends for any reason, all of its mutexes are now
|
||||
unlocked. This prevents a permanant (and painful to debug) deadlock
|
||||
unlocked. This prevents a permanent (and painful to debug) deadlock
|
||||
when a script crashes without unlocking a mutex. See
|
||||
http://seclists.org/nmap-dev/2009/q2/0533.html.
|
||||
http://seclists.org/nmap-dev/2009/q2/0533.html. [Patrick]
|
||||
|
||||
o Fixed a bug wherein nmap would not display the post-scan count of
|
||||
raw packets sent during a SYN ping scan (-sP -PS). [Josh Marlow]
|
||||
@@ -264,10 +264,10 @@ o Improved nsock's fselect() to be a more complete replacement for
|
||||
|
||||
o The --with-openssl= directive now works for specifying the SSL
|
||||
location to the nsock library. It was previously not passing the
|
||||
poper include file path to the compiler. [Fyodor]
|
||||
proper include file path to the compiler. [Fyodor]
|
||||
|
||||
o The --traceroute feature is now properly disabled for IPv6 (-6) ping
|
||||
scans (-sP), since IPv6 traceroutes are not currently
|
||||
o The --traceroute feature is now properly disabled for IPv6 ping
|
||||
scans (-6 -sP) since IPv6 traceroute is not currently
|
||||
supported. [Jah]
|
||||
|
||||
o Fixed an assertion failure which could occur on at least SPARC Linux
|
||||
@@ -287,7 +287,7 @@ o [NSE] Remove the old nse_macros.h header file. This involved
|
||||
nse_fs.h. [Patrick]
|
||||
|
||||
o Cleaned up the libpcre build system a bit by removing Makefile.am
|
||||
and modifying configure.ac to prevent uneccesary removal of
|
||||
and modifying configure.ac to prevent unnecessary removal of
|
||||
pcre_chartables.cc in some instances. [Fyodor]
|
||||
|
||||
o Fixed a bug which would cause Nmap to sometimes miscount the number
|
||||
@@ -318,7 +318,7 @@ o Ncat now uses a blocking socket in connect mode to resolve a failure
|
||||
buffers could not keep up and socket writes would start generating
|
||||
EAGAIN errors. [Venkat]
|
||||
|
||||
o Ncat now ignores SIGPIPE in listen mode. This fixes the comamnd
|
||||
o Ncat now ignores SIGPIPE in listen mode. This fixes the command
|
||||
"yes | ncat -l --keep-open --send-only", which was failing after the
|
||||
first client disconnected due to a broken pipe signal when Ncat
|
||||
would try to write more date before realizing that the client had
|
||||
|
||||
Reference in New Issue
Block a user