mirror of
https://github.com/nmap/nmap.git
synced 2025-12-27 18:09:01 +00:00
getting closer to being ready for CSW release
This commit is contained in:
fyodor
15
CHANGELOG
15
CHANGELOG
@@ -2,6 +2,21 @@
|
||||
|
||||
UNRELEASED
|
||||
|
||||
o Added ARP ping (-PR). Nmap can now send raw ethernet ARP requests to
|
||||
determine whether hosts on a LAN are up, rather than relying on
|
||||
higher-level IP packets (which can only be sent after a successful ARP
|
||||
request and reply anyway). This is much faster and more reliable
|
||||
(not subject to IP-level firewalling) than IP-based probes. The
|
||||
downside is that it only works when the target machine is on the same
|
||||
LAN as the scanning machine. It is recommended whenever those
|
||||
conditions are met, and may sometime become the default when Nmap
|
||||
detects that the conditions are met. Example usage: nmap -sP -PR
|
||||
192.168.0.0/16 . This is not yet supported on Windows.
|
||||
|
||||
o Added a stripped-down version of Dug Song's excellent libdnet
|
||||
networking library (v. 1.10). This allows Nmap to send raw ethernet
|
||||
frames for the new ARP ping feature.
|
||||
|
||||
o Fixed the way tcp connect scan (-sT) respons to ICMP network
|
||||
unreachable responses (patch by Richard Moore
|
||||
(rich(a)westpoint.ltd.uk).
|
||||
|
||||
@@ -60,7 +60,7 @@ export DEPS = nmap.h nmap_amigaos.h nmap_error.h targets.h idle_scan.h osscan.h
|
||||
|
||||
all: $(TARGET) $(TARGETNMAPFE)
|
||||
|
||||
$(TARGET): $(DEPS) @PCAP_DEPENDS@ @PCRE_DEPENDS@ @LIBDNET_DEPENDS@ $(NBASEDIR)/libnbase.a $(NSOCKDIR)/src/libnsock.a $(OBJS)
|
||||
$(TARGET): $(DEPS) @PCAP_DEPENDS@ @PCRE_DEPENDS@ @DNET_DEPENDS@ $(NBASEDIR)/libnbase.a $(NSOCKDIR)/src/libnsock.a $(OBJS)
|
||||
@echo Compiling nmap
|
||||
rm -f $@
|
||||
$(CXX) $(LDFLAGS) -o $@ $(OBJS) $(LIBS)
|
||||
@@ -113,7 +113,7 @@ pcap_clean:
|
||||
-cd $(LIBPCAPDIR) && $(MAKE) clean
|
||||
pcre_clean:
|
||||
-cd $(LIBPCREDIR) && $(MAKE) clean
|
||||
dnet_clean
|
||||
dnet_clean:
|
||||
-cd $(LIBDNETDIR) && $(MAKE) clean
|
||||
nmapfe_clean:
|
||||
-cd nmapfe && $(MAKE) clean
|
||||
|
||||
@@ -304,7 +304,7 @@ int TargetGroup::parse_expr(const char * const target_expr, int af) {
|
||||
* get_next_host should be used for skipping the last octet :-)
|
||||
* returns: number of hosts skipped */
|
||||
int TargetGroup::skip_range(_octet_nums octet) {
|
||||
int hosts_skipped = 0, /* number of hosts skipped */
|
||||
unsigned long hosts_skipped = 0, /* number of hosts skipped */
|
||||
oct = 0, /* octect number */
|
||||
i; /* simple lcv */
|
||||
|
||||
@@ -330,7 +330,7 @@ int TargetGroup::skip_range(_octet_nums octet) {
|
||||
}
|
||||
|
||||
/* catch if we try to take more than are left */
|
||||
assert(ipsleft >= hosts_skipped - 1);
|
||||
assert(ipsleft + 1>= hosts_skipped);
|
||||
|
||||
/* increment the next octect that we can above us */
|
||||
for (i = oct; i >= 0; i--) {
|
||||
|
||||
2
configure
vendored
2
configure
vendored
@@ -6341,7 +6341,7 @@ subdirs="$subdirs libdnet-stripped "
|
||||
|
||||
CXXFLAGS="-I$LIBDNETDIR/include $CXXFLAGS"
|
||||
LIBDNET_LIBS="$LIBDNETDIR/src/.libs/libdnet.a"
|
||||
DNET_DEPENDS="$LIBDNETDIR/libdnet.a"
|
||||
DNET_DEPENDS="$LIBDNETDIR/src/.libs/libdnet.a"
|
||||
DNET_CLEAN="dnet_clean"
|
||||
DNET_DIST_CLEAN="dnet_dist_clean"
|
||||
else
|
||||
|
||||
@@ -465,7 +465,7 @@ if test $have_dnet != yes ; then
|
||||
AC_CONFIG_SUBDIRS( libdnet-stripped )
|
||||
CXXFLAGS="-I$LIBDNETDIR/include $CXXFLAGS"
|
||||
LIBDNET_LIBS="$LIBDNETDIR/src/.libs/libdnet.a"
|
||||
DNET_DEPENDS="$LIBDNETDIR/libdnet.a"
|
||||
DNET_DEPENDS="$LIBDNETDIR/src/.libs/libdnet.a"
|
||||
DNET_CLEAN="dnet_clean"
|
||||
DNET_DIST_CLEAN="dnet_dist_clean"
|
||||
else
|
||||
|
||||
13
docs/nmap.1
13
docs/nmap.1
@@ -143,9 +143,9 @@ for a RST or a SYN/ACK. For non-root users, a connect()
|
||||
method is used.
|
||||
.Sp
|
||||
By default (for root users), nmap uses both the ICMP and ACK
|
||||
techniques in parallel. You can change the
|
||||
.B \-P
|
||||
option described later.
|
||||
techniques in parallel. You can change these with the
|
||||
.B \-P
|
||||
options described later.
|
||||
.Sp
|
||||
Note that pinging is done by default anyway, and only hosts
|
||||
that respond are scanned. Only use this option if you wish
|
||||
@@ -387,6 +387,13 @@ ACK packets for root users. Hosts that are up should
|
||||
respond with a RST (or, rarely, a SYN|ACK). You can set the
|
||||
destination ports in the same manner as \-PA above.
|
||||
.TP
|
||||
.B \-PR
|
||||
This option specifies a raw ethernet ARP ping. It cannot be used in
|
||||
combination with any of the other ping types. When the target
|
||||
machines are on the same network you are scanning from, this is the
|
||||
fastest and most reliable (because it goes below IP-level filters)
|
||||
ping method. Nmap sends an IPv4-to-Ethernet ARP request for each
|
||||
target IP, and watches for any ARP response.
|
||||
.B \-PU [portlist]
|
||||
This option sends UDP probes to the specified hosts, expecting an ICMP
|
||||
port unreachable packet (or possibly a UDP response if the port is
|
||||
|
||||
Reference in New Issue
Block a user