diff --git a/CHANGELOG b/CHANGELOG index d9e052298..1362d40f9 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -2,6 +2,9 @@ 4.22SOC1 +o Upgraded from WinPcap 4.0 to WinPcap 4.01 and fixed a versioning + error [Eddie] + o The port selection mechanism was overhauled. Nmap now knows (roughly) how common various services are, so you can specify options such as --top-ports 50 to scan the 50 most popular ports. diff --git a/docs/nmap.1 b/docs/nmap.1 index cd0f44a6b..04ec7f10c 100644 --- a/docs/nmap.1 +++ b/docs/nmap.1 @@ -118,6 +118,7 @@ SCAN TECHNIQUES: \-sO: IP protocol scan \-b : FTP bounce scan \-\-traceroute: Trace hop path to each host + \-\-reason: Display the reason a port is in a particular state PORT SPECIFICATION AND SCAN ORDER: \-p : Only scan specified ports Ex: \-p22; \-p1\-65535; \-p U:53,111,137,T:21\-25,80,139,8080 @@ -381,6 +382,9 @@ Traceroutes are performed post\-scan using information from the scan results to .sp Traceroute works by sending packets with a low TTL (time\-to\-live) in an attempt to illicit ICMP TTL_EXCCEDED messages from intermediate hops between the scanner and the target host. Standard traceroute implementation start with a TTL of 1 and increment the TTL until the destination host is reached. Nmap's traceroute starts with a high TTL and then decrements the TTL until it reaches 0. Doing it backwards lets nmap employ clever caching algorithms to speed up traces over multiple hosts. On average nmap sends 5\-10 fewer packets per host, depending on network conditions. If a single subnet is being scanned (i.e. 192.168.0.0/24) nmap may only have to send a single packet to most hosts. .TP +\fB\-\-reason\fR (Host and port state reasons) +Shows the reason each port is set to a specific state and the reason each host is up or down. This option displays the type of the packet that determined a port or hosts state. For example, A RST packet from a closed port or an echo reply from an alive host. The information nmap can provide is determined by the type of scan or ping. The SYN scan and SYN ping (\fB\-sS and -PT\fR) are very detailed. Whilst the TCP connect scan and ping (\fB\-sT\fR) are limited by the implementation of connect(). This feature is automatically enabled by the debug flag (\fB\-d\fR) and the results are stored in XML log files even if this option is not specified. +.TP \fB\-n\fR (No DNS resolution) Tells Nmap to \fInever\fR diff --git a/docs/refguide.xml b/docs/refguide.xml index cc1e48f50..77639d1bb 100644 --- a/docs/refguide.xml +++ b/docs/refguide.xml @@ -692,7 +692,19 @@ Traceroute works by sending packets with a low TTL (time-to-live) in an attempt + + + (Host and port state reasons) + + + --reason + Host and port state reasons + +Shows the reason each port is set to a specific state and the reason each host is up or down. This option displays the type of the packet that determined a port or hosts state. For example, A RST packet from a closed port or an echo reply from an alive host. The information nmap can provide is determined by the type of scan or ping. The SYN scan and SYN ping (\fB\-sS and -PT\fR) are very detailed. Whilst the TCP connect scan and ping (\fB\-sT\fR) are limited by the implementation of connect(). This feature is automatically enabled by the debug flag (\fB\-d\fR) and the results are stored in XML log files even if this option is not specified. + + + diff --git a/mswin32/nsis/Nmap.nsi b/mswin32/nsis/Nmap.nsi index 6e13e9a32..6b0cfbe77 100644 --- a/mswin32/nsis/Nmap.nsi +++ b/mswin32/nsis/Nmap.nsi @@ -96,10 +96,10 @@ Section "Register Nmap Path" SecRegisterPath Call AddToPath SectionEnd -Section "WinPcap 4.0" SecWinPcap - File ..\winpcap\winpcap-nmap-4.0.exe - Exec '"$INSTDIR\winpcap-nmap-4.0.exe"' - Delete "$INSTDIR\winpcap-nmap-4.0.exe" +Section "WinPcap 4.01" SecWinPcap + File ..\winpcap\winpcap-nmap-4.01.exe + Exec '"$INSTDIR\winpcap-nmap-4.01.exe"' + Delete "$INSTDIR\winpcap-nmap-4.01.exe" SectionEnd Section "Network Performance Improvements (Registry Changes)" SecPerfRegistryMods diff --git a/mswin32/winpcap/Packet.dll b/mswin32/winpcap/Packet.dll index af93f21c3..862c34115 100644 Binary files a/mswin32/winpcap/Packet.dll and b/mswin32/winpcap/Packet.dll differ diff --git a/mswin32/winpcap/WanPacket.dll b/mswin32/winpcap/WanPacket.dll index 46765f9dc..d003c5cbd 100644 Binary files a/mswin32/winpcap/WanPacket.dll and b/mswin32/winpcap/WanPacket.dll differ diff --git a/mswin32/winpcap/winpcap-nmap.nsi b/mswin32/winpcap/winpcap-nmap.nsi index 231c5fdfd..3ae8e5dbe 100644 --- a/mswin32/winpcap/winpcap-nmap.nsi +++ b/mswin32/winpcap/winpcap-nmap.nsi @@ -1,14 +1,17 @@ ;; Custom winpcap for nmap ;; Started by Doug Hoyte, April 2006 + +;; Eddie Bell ;; Updated to 4.0, June 2007 +;; Updated to 4.01, July 2007 ;-------------------------------- ; The name of the installer -Name "winpcap-nmap-4.0" +Name "winpcap-nmap-4.01" ; The file to write -OutFile "winpcap-nmap-4.0.exe" +OutFile "winpcap-nmap-4.01.exe" ; The default installation directory InstallDir $PROGRAMFILES\WinPcap @@ -40,7 +43,8 @@ UninstPage instfiles Function .onInit var /GLOBAL inst_ver var /GLOBAL my_ver - + StrCpy $my_ver "4.0.0.901" + IfSilent do_silent no_silent do_silent: @@ -62,13 +66,6 @@ Function .onInit IntOp $R5 $R1 & 0x0000FFFF StrCpy $inst_ver "$R2.$R3.$R4.$R5" - GetDllVersion "wpcap.dll" $R0 $R1 - IntOp $R2 $R0 / 0x00010000 - IntOp $R3 $R0 & 0x0000FFFF - IntOp $R4 $R1 / 0x00010000 - IntOp $R5 $R1 & 0x0000FFFF - StrCpy $my_ver "$R2.$R3.$R4.$R5" - StrCmp $inst_ver $my_ver same_ver MessageBox MB_YESNO|MB_ICONQUESTION "WinPcap version $inst_ver exists on this system. Replace with version $my_ver?" IDYES finish @@ -118,7 +115,7 @@ Section "" ;No components page, name is not important WriteRegStr HKLM "Software\WinPcap" "" '"$INSTDIR"' ; Write the uninstall keys for Windows - WriteRegStr HKLM "Software\Microsoft\Windows\CurrentVersion\Uninstall\winpcap-nmap" "DisplayName" "winpcap-nmap 4.0" + WriteRegStr HKLM "Software\Microsoft\Windows\CurrentVersion\Uninstall\winpcap-nmap" "DisplayName" "winpcap-nmap 4.01" WriteRegStr HKLM "Software\Microsoft\Windows\CurrentVersion\Uninstall\winpcap-nmap" "UninstallString" '"$INSTDIR\uninstall.exe"' WriteRegDWORD HKLM "Software\Microsoft\Windows\CurrentVersion\Uninstall\winpcap-nmap" "NoModify" 1 WriteRegDWORD HKLM "Software\Microsoft\Windows\CurrentVersion\Uninstall\winpcap-nmap" "NoRepair" 1 @@ -146,4 +143,4 @@ Section "Uninstall" RMDir "$INSTDIR" -SectionEnd \ No newline at end of file +SectionEnd diff --git a/mswin32/winpcap/wpcap.dll b/mswin32/winpcap/wpcap.dll index bc51be307..60718cd4a 100644 Binary files a/mswin32/winpcap/wpcap.dll and b/mswin32/winpcap/wpcap.dll differ