From 8ea3f0ae6d24759509cef66fc9c72032d561f74a Mon Sep 17 00:00:00 2001 From: fyodor Date: Sat, 6 Sep 2008 05:13:20 +0000 Subject: [PATCH] Whew! Major update to the CHANGELOG in preparation for a new release --- CHANGELOG | 168 +++++++++++++++++++++++++++++++++++++----------------- 1 file changed, 115 insertions(+), 53 deletions(-) diff --git a/CHANGELOG b/CHANGELOG index 9faf1fca1..7a8133ec7 100644 --- a/CHANGELOG +++ b/CHANGELOG 
@@ -2,41 +2,51 @@ 4.69BETA1 -o zenmap scan inventory place holder. +o [Zenmap] Added a new Scan Topology system. The idea is that if we + are going to call Nmap the "Network Mapper", it should at least be + able to draw you a map of the network! And that is what this new + system does. It was achieved by integrating the RadialNet Nmap + visualization tool (http://www.dca.ufrn.br/~joaomedeiros/radialnet), + into Zenmap. Joao Medeiros has been developing RadialNet for more + than a year. For details, complete with some of the most beautiful + Zenmap screen shots ever, visit + http://nmap.org/book/zenmap-topology.html. The integration work was + done by SoC student Vladimir Mitrovic and his mentor David Fifield. -o zenmap radialnet integration place holder. - -o A bug was fixed in Zenmap where clicking "Cancel" in a file chooser - in the diff interface would cause a crash. - -o --traceroute now uses the timing ping probe saved from host - discovery and port scanning instead of finding its own probe. The - timing ping probe is always the best probe for eliciting a response - Nmap knows of. This will have the most effect on traceroute after a - ping scan, where traceroute would sometimes pick the wrong probe and - traceroute would fail even though the target was up. +o [Zenmap] Another exciting new Zenmap feature is Scan Aggregation. + This allows you to visualize and analyze the results of multiple + scans at once, as if they were from one Nmap execution. So you might + scan one network, analyze the results a bit, then scan some of the + machines more intensely or add a completely new subnet to the + scan. The new results are seamlessly added to the old, as described + at http://nmap.org/book/zenmap-scanning.html#aggregation. [David, + Vladimir] o Expanded nmap-services to include information on how frequently each port number is found open. The results were generated by scanning - tens of millions of IPs on the Internet. 
[Fyodor] + tens of millions of IPs on the Internet this Summer, and augmented + with internal network data contributed by some large + organizations. [Fyodor] o Nmap now scans the most common 1,000 ports by default in either protocol (UDP scan is still optional). This is a decrease from 1,715 TCP ports and 1,488 UDP ports in Nmap 4.68. So Nmap is faster - by default and, since the port selection is better, often finds more - of the open ports as well. [Fyodor] + by default and, since the port selection is better thanks to the + port frequency data, it often finds more open ports as + well. [Fyodor] o Nmap fast scan (-F) now scans the top 100 ports by default in either protocol. This is a decrease from 1,276 (TCP) and 1,017 (UDP) in - Nmap 4.68, leading to an order of magnitude decrease in port - scanning time. [Fyodor] + Nmap 4.68. Port scanning time with -F is generally an order of + magnitude faster than before, making -F worthy of its "fast scan" + moniker. [Fyodor] o The --top-ports option lets you specify the number of ports you wish to scan in each protocol, and will pick the most popular ports for you based on the new frequency data. For both TCP and UDP, the top 10 ports gets you roughly half of the open ports. The top 1,000 (out of 65,536 possible) finds roughly 93% of the open TCP ports and - more than 95% of the open UDP ports. [Fyodor] + more than 95% of the open UDP ports. [Fyodor, Doug Hoyte] o David integrated all of your OS detection fingerprint and correction submissions from March 11 until mid-July. In the process we reached 
@@ -49,36 +59,51 @@ o David integrated all of your OS detection fingerprint and correction http://seclists.org/nmap-dev/2008/q3/0089.html and http://seclists.org/nmap-dev/2008/q3/0139.html for more details. -o Nmap now works with Windows 2000 again, after version 4.68 was - broken on that platform due to the Windows IPv6 support added in - 4.65. A couple new dependencies are required to run on Win2K, as - described at http://nmap.org/book/inst-windows.html#inst-win2k . +o Nmap now works with Windows 2000 again, after being broken by our + IPv6 support improvements in version 4.65. A couple new dependencies + are required to run on Win2K, as described at + http://nmap.org/book/inst-windows.html#inst-win2k . -o Added a context-sensitive help system to the Zenmap Profile Editor. - You can now mouse-over options to learn more about what they are - used for and the proper argument syntax. [Jurand Nogiec] +o [Zenmap] Added a context-sensitive help system to the Profile + Editor. You can now mouse-over options to learn more about what + they are used for and their proper argument syntax. [Jurand Nogiec] o When Nmap finds a probe during ping scan which elicits a response, it now saves that information for the port scan and later phases. It can then "ping" the host with that probe as necessary to collect timing information even if the host is not responding to the normal - port scan packets. A number of other "port scan ping" system - improvements were made at the same time to improve performance - against firewalled hosts. For full details, see - http://seclists.org/nmap-dev/2008/q3/0647.html [David, Michael, - Fyodor] + port scan packets. Previously, Nmap's port scan timing pings could + only use information gathered during that port scan itself. A + number of other "port scan ping" system improvements were made at + the same time to improve performance against firewalled hosts. 
For + full details, see http://seclists.org/nmap-dev/2008/q3/0647.html + [David, Michael, Fyodor] -o Added dns-safe-recursion-port and dns-safe-recursion-txid (non - default NSE scripts) which use the 3rd party dns-oarc.net lookup to - test the source port and transaction ID randomness of discovered DNS - servers (assuming they allow recursion at all). These scripts, - which test for the "Kaminsky" DNS bugs, were contributed by Brandon - Enright. +o --traceroute now uses the timing ping probe saved from host + discovery and port scanning instead of finding its own probe. The + timing ping probe is always the best probe Nmap knows about for + eliciting a response from a target. This will have the most effect + on traceroute after a ping scan, where traceroute would sometimes + pick an ineffective probe and traceroute would fail even though the + target was up. [David] + +o Added dns-safe-recursion-port and dns-safe-recursion-txid + (non-default NSE scripts) which use the 3rd party dns-oarc.net + lookup to test the source port and transaction ID randomness of + discovered DNS servers (assuming they allow recursion at all). + These scripts, which test for the "Kaminsky" DNS bugs, were + contributed by Brandon Enright. o Added whois.nse, which queries the Regional Internet Registries (RIRs) to determine who the target IP addresses are assigned to. [Jah] +o [Zenmap] Overhauled the default list of scan profiles based on + nmap-dev discussion. Users now have a much more diverse and useful + set of default profile options. And if they don't like any of those + canned scan commands, they can easily create their own in the + Profile Editor! [David] + o Fyodor made a number of performance tweaks, such as: o increase host group sizes in many cases, so Nmap will now commonly scan 64 hosts at a time rather than 30 
@@ -141,11 +166,10 @@ o Added IPProto Ping (-PO) support to Traceroute, and fixed support for IPProto Scan (-sO) and the ICMP Pings (-PE, -PP, -PM) in Traceroute as well. These could cause Nmap to hang during Traceroute. [Kris] -o Added a "Cancel" button to Zenmap which allows you to cancel a scan - in progress without losing the Nmap output obtained so far. [Jurand - Nogiec] +o [Zenmap] Added a "Cancel" button for cancelling a scan in progress + without losing any Nmap output obtained so far. [Jurand Nogiec] -o Improve the nebtios-smb-os-discovery NSE script to improve target +o Improve the netbios-smb-os-discovery NSE script to improve target port selection and to also decode the system's timestamp from an SMB response. [Ron at SkullSecurity] @@ -207,10 +231,10 @@ o Fixed a number of NSE scripts which used print_debug() incorrectly. See http://seclists.org/nmap-dev/2008/q3/0470.html. [Sven Klemm]. -o The Zenmap Ports/Hosts view now provides full version detection +o [Zenmap] The Ports/Hosts view now provides full version detection values rather than just a simple summary. [Jurand Nogiec] -o Zenmap: When you edit the command-entry field, then change the +o [Zenmap] When you edit the command-entry field, then change the target selection, Nmap no longer blows away your edits in favor of using your current profile. [Jurand Nogiec] 
@@ -222,12 +246,18 @@ o Nsock now returns data from UDP packets individually, preserving the sending the patch. Doug Hoyte helped with testing, and it was applied by Fyodor. +o [Zenmap] Fixed a crash which would occur when you try to compare two + files, either of which has more than one extraports element. [David] + +o [Zenmap] Make the higwidgets library a subpackage of zenmapGUI to + avoid file name conflicts with Umit. [David] + o Added the undocumented (except here) --nogcc option which disables global/group congestion control algorithms and so each member of a scan group of machines is treated separately. This is just an experimental option for now. [Fyodor] -o The Ports/Hosts display in Zenmap now has different colors for open +o [Zenmap] The Ports/Hosts display now has different colors for open and closed ports. [Vladimir] o Fixed Zenmap so that it displays all Nmap errors. Previously, only @@ -283,7 +313,7 @@ o Some Zenmap crashes have been fixed: trying to "refresh" the output of a scan loaded from a file, and trying to re-save a file loaded from the command line in some circumstances. [David] -o The file selector in Zenmap now remembers what directory it was last +o [Zenmap] The file selector now remembers what directory it was last looking at. [David] o Added an extra layer of validity checking to received packets 
@@ -301,21 +331,22 @@ o Nmap avoids printing the sending rate in bytes per second during a 0.00 bytes / s. Now it will print simply print rates like "11248.85 packets / s". [David] -o Nmap's installation process now include .desktop files which install - menu items for launching Zenmap as a privileged or non-privileged - process on Linux. This will mainly effect people who install nmap - and zenmap directly from the source code. [Michael] +o [Zenmap] Nmap's installation process now include .desktop files + which install menu items for launching Zenmap as a privileged or + non-privileged process on Linux. This will mainly effect people who + install nmap and Zenmap directly from the source code. [Michael] o Improved performance of IP protocol scan by fixing a bug related to timing calculations on ICMP probe responses. See r8754 svn log for full details. [David] -o Nmap no longer misreports a localhost-response during -PN scans - [Michael] +o Nmap --reason output no longer falsely reports a localhost-response + during -PN scans. See + http://seclists.org/nmap-dev/2008/q3/0188.html. [Michael] -o The higwidgets Python package used by Zenmap has been made a - subpackage of zenmapGUI. This is to avoid naming conflicts with - Umit, which uses a slightly different version of higwidgets. [David] +o [Zenmap] The higwidgets Python package has moved so it is now a + subpackage of zenmapGUI. This avoids naming conflicts with Umit, + which uses a slightly different version of higwidgets. [David] o A bug that could cause some host discovery probes to be incorrectly interpreted as drops was fixed. This occurred only when the IP 
@@ -336,11 +367,42 @@ o Added a script (ASN.nse) which uses Team Cymru's DNS interface to set up a special domain just for Nmap queries. The script is still experimental and non-default. [Jah, Michael] +o [Zenmap] Clicking "Cancel" in a file chooser in the diff interface + no longer causes a crash. [David] + o The shtool build helper script has been updated to version 2.0.8. An older version of shutil caused installation to fail when the locale was set to et_EE. Thanks to Michal Januszewski for the bug report. [David] +o [Zenmap] Removed services.dmp and os_dmp.dmp and all the files that + referred to them. They are not needed with the new search + interface. Also removed an unused search progress bar. And some + broken fingerprint submission code. Yay for de-bloating! [David] + +o [Zenmap] Added "%F" to the Exec link in the new Zenmap desktop + file. We expect (hope) that this will allow dragging and dropping + XML files onto the icon. [David] + +o [Zenmap] The -o[XGASN] options can now be specified, just as you can + at the console. [Vladimir] + +o [Zenmap] You can now shrink the scan window below its default + size thanks to NmapOutputViewer code enhancements. [David] + +o [Zenmap] Removed optional use of the Psyco Python optimizer since + Zenmap is not the kind of CPU-bound application which benefits from + Psyco. + +o [Zenmap] You can now select more than one host in the "Ports / + Hosts" view by control-clicking them in the column at left. + +o [Zenmap] The profile editor now offers the --traceroute option. + +o Zenmap now uses Unicode objects pervasively when dealing with Nmap + text output, though the only internationalized text Nmap currently + outputs is the user's time zone. [David] + o Unprintable characters in NSE script output (which really shouldn't happen anyway) are now printed like \xHH, where HH is the hexadecimal representation of the character. See
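Review bot: in hunk @@ -2,41 +2,51 @@, the new Scan Topology entry has a stray comma separating the verb from its object in "visualization tool (http://www.dca.ufrn.br/~joaomedeiros/radialnet), into Zenmap"; drop the comma after the closing parenthesis so it reads "...radialnet) into Zenmap."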
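Review bot: in hunk @@ -141,11 +166,10 @@, the netbios-smb-os-discovery entry fixes the "nebtios" spelling but still reads "Improve the ... script to improve target port selection", and keeps the present tense "Improve" where the neighbouring entries use "Added" and "Fixed". Suggest: "Improved target port selection in the netbios-smb-os-discovery NSE script, which now also decodes the system's timestamp from an SMB response. [Ron at SkullSecurity]".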
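Review bot: in hunk @@ -222,12 +246,18 @@, the added entry "[Zenmap] Make the higwidgets library a subpackage of zenmapGUI to avoid file name conflicts with Umit. [David]" describes the same change as the rewritten entry in hunk @@ -301,21 +331,22 @@ ("[Zenmap] The higwidgets Python package has moved so it is now a subpackage of zenmapGUI. This avoids naming conflicts with Umit..."). Keep only one of the two; the longer one in the later hunk explains why the conflict exists, so dropping the new addition here is the smaller change.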
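Review bot: in hunk @@ -301,21 +331,22 @@, the rewritten .desktop entry carries over two grammar slips from the old text: "Nmap's installation process now include .desktop files" should be "now includes", and "This will mainly effect people" should be "mainly affect people". Since the lines are being touched anyway, fix both in the same edit.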
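Review bot: in hunk @@ -336,11 +367,42 @@, three of the new entries (the Psyco removal, multi-host selection in "Ports / Hosts", and --traceroute in the profile editor) have no contributor in brackets, unlike every other entry in the file; add the attribution or confirm it is intentionally omitted. The last new entry, "o Zenmap now uses Unicode objects pervasively...", also lacks the "[Zenmap]" prefix that this commit applies to every other Zenmap entry, and the "%F" entry's "We expect (hope) that this will allow dragging and dropping XML files onto the icon" states an untested outcome; either verify the drag-and-drop behaviour before release or word it as the intent of the change.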