From 9d4771901f8bc36da568dd94326ab371cc0650ab Mon Sep 17 00:00:00 2001 From: fyodor Date: Fri, 15 May 2009 06:44:22 +0000 Subject: [PATCH] move legal-notices.xml and nmap-usage.xml to nmap docs directory since they are needed to build refguide (man page); add nmap-man-enclosures.xml which also eases building the refguide; add Nmap book details to refguide; rebuild man pages --- docs/legal-notices.xml | 184 ++++++++++++++++++++++++++++++++++++ docs/nmap-man-enclosure.xml | 15 +++ docs/nmap-usage.xml | 2 + docs/nmap.1 | 93 +++++++++--------- docs/refguide.xml | 47 +++++++-- 5 files changed, 285 insertions(+), 56 deletions(-) create mode 100644 docs/legal-notices.xml create mode 100644 docs/nmap-man-enclosure.xml create mode 100644 docs/nmap-usage.xml diff --git a/docs/legal-notices.xml b/docs/legal-notices.xml new file mode 100644 index 000000000..85c821c1e --- /dev/null +++ b/docs/legal-notices.xml @@ -0,0 +1,184 @@ +Legal Notices + + + Nmap Copyright and Licensing + copyright + GNU General Public License + + +The Nmap Security Scanner is (C) 1996–2009 Insecure.Com LLC. Nmap is also a registered trademark of Insecure.Com LLC. This program is free software; you may redistribute and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; Version 2 with the clarifications and exceptions described below. This guarantees your right to use, modify, and redistribute this software under certain conditions. If you wish to embed Nmap technology into proprietary software, we sell alternative licenses (contact sales@insecure.com). Dozens of software vendors already license Nmap technology such as host discovery, port scanning, OS detection, and version detection. + +Note that the GPL places important restrictions on +derived works, yet it does not provide a detailed +definition of that term. To avoid misunderstandings, we consider an +application to constitute a derivative work for the +purpose of this license if it does any of the following: + + +Integrates source code from Nmap +Reads or includes Nmap copyrighted data files, such as + nmap-os-db or + nmap-service-probes. +Executes Nmap and parses the results (as opposed to + typical shell or execution-menu apps, which simply display raw + Nmap output and so are not derivative works.) +Integrates/includes/aggregates Nmap into a proprietary + executable installer, such as those produced by + InstallShield. +Links to a library or executes a program that does any + of the above. + + +The term Nmap should be taken to also include any +portions or derived works of Nmap. This list is not exclusive, but is +meant to clarify our interpretation of derived works with some common +examples. Our interpretation applies only to Nmap—we don't +speak for other people's GPL works. + +If you have any questions about the GPL licensing restrictions +on using Nmap in non-GPL works, we would be happy to help. As +mentioned above, we also offer alternative license to integrate Nmap +into proprietary applications and appliances. These contracts have +been sold to many security vendors, and generally include a perpetual +license as well as providing for priority support and updates as well +as helping to fund the continued development of Nmap +technology. Please email sales@insecure.com for further +information. + +As a special exception to the GPL terms, Insecure.Com LLC grants +permission to link the code of this program with any version of the +OpenSSL library which is distributed under a license identical to that +listed in the included COPYING.OpenSSL file, and distribute linked +combinations including +the two.OpenSSLlinking exception +You must obey the GNU GPL in all +respects for all of the code used other than OpenSSL. If you modify +this file, you may extend this exception to your version of the file, +but you are not obligated to do so. + +If you received these files with a written license agreement or +contract stating terms other than the terms above, then that +alternative license agreement takes precedence over these +comments. + + + + Creative Commons License for this Nmap Guide + This Nmap Reference Guide is (C) 2005–2009 Insecure.Com LLC. It is + hereby placed under version 2.5 of the Creative Commons + Attribution License. This allows you redistribute and modify + the work as you desire, as long as you credit the original source. + Alternatively, you may choose to treat this document as falling under + the same license as Nmap itself (discussed previously). + + + + Source Code Availability and Community Contributions + +Source is provided to this software because we believe users +have a right to know exactly what a program is going to do before they +run it. This also allows you to audit the software for security holes +(none have been found so far). + +Source code also allows you to port Nmap to new platforms, fix bugs, +and add new features. You are highly encouraged to send your changes +to nmap-dev@insecure.org for possible incorporation +into the main distribution. By sending these changes to Fyodor or one +of the Insecure.Org development mailing lists, it is assumed that you +are offering the Nmap Project (Insecure.Com LLC) the unlimited, +non-exclusive right to reuse, modify, and relicense the code. Nmap +will always be available Open Source,open +source but this is important because the +inability to relicense code has caused devastating problems for other +Free Software projects (such as KDE and NASM). We also occasionally +relicense the code to third parties as discussed above. If you wish +to specify special license conditions of your contributions, just say +so when you send them. + + + +No Warranty<indexterm><primary>warranty (lack of)</primary></indexterm> + +This program is distributed in the hope that it will be useful, +but WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License v2.0 for more details at , or in the COPYING file +included with Nmap. + +It should also be noted that Nmap has occasionally been known to crash +poorly written applications, TCP/IP stacks, and even operating +systems.crashing targets +While this is extremely rare, it is important to keep in +mind. Nmap should never be run against mission +critical systems unless you are prepared to suffer +downtime. We acknowledge here that Nmap may crash your systems or +networks and we disclaim all liability for any damage or problems Nmap +could cause. + + +Inappropriate Usage +Because of the slight risk of crashes and because a few black +hats like to use Nmap for reconnaissance prior to attacking systems, +there are administrators who become upset and may complain when their +system is scanned. Thus, it is often advisable to request permission +before doing even a light scan of a network. + +Nmap should never be installed with special privileges +(e.g. suid root) for security reasons.setuid, why Nmap shouldn't be + + + +Third-Party Software + +This product includes software developed by +the Apache Software +Foundation. A modified version of the Libpcap portable packet capture +librarylibpcap +is distributed along with Nmap. +The Windows version of Nmap utilized the Libpcap-derived +WinPcap libraryWinPcap +instead. +Regular expression support is provided by the +PCRE library,Perl Compatible Regular Expressions (PCRE) +which is open-source software, written by Philip Hazel.Hazel, Philip +Certain raw networking functions use the +Libdnetlibdnet +networking library, which was written by Dug Song.Song, Dug +A modified version is distributed with Nmap. +Nmap can optionally link with the +OpenSSL +cryptography toolkitOpenSSL +for SSL version detection support. +The Nmap Scripting Engine uses an embedded version of +the Lua programming +language.Lua programming language +All of the third-party software described in this paragraph is freely +redistributable under BSD-style software licenses. + + + +United States Export Control<indexterm><primary>export control</primary></indexterm> + +Nmap only uses encryption when compiled with the optional +OpenSSL support and linked with OpenSSL. When compiled without +OpenSSL support, Insecure.Com LLC believes that Nmap is not subject to +U.S. Export +Administration Regulations (EAR) export control. As such, +there is no applicable ECCN (explort control classification number) +and exportation does not require any special license, permit, or other +governmental authorization. + +When compiled with OpenSSL support or distributed as source +code, Insecure.Com LLC believes that Nmap falls under +U.S. ECCN +5D002 +(Information Security Software). We distribute Nmap +under the TSU exception for publicly available encryption +software defined +in EAR +740.13(e). + + diff --git a/docs/nmap-man-enclosure.xml b/docs/nmap-man-enclosure.xml new file mode 100644 index 000000000..8f957ba9e --- /dev/null +++ b/docs/nmap-man-enclosure.xml @@ -0,0 +1,15 @@ + + + + +]> + + + +&refguide; + + + diff --git a/docs/nmap-usage.xml b/docs/nmap-usage.xml new file mode 100644 index 000000000..a15096cb8 --- /dev/null +++ b/docs/nmap-usage.xml @@ -0,0 +1,2 @@ + + diff --git a/docs/nmap.1 b/docs/nmap.1 index c910c67d8..7d7c93bf2 100644 --- a/docs/nmap.1 +++ b/docs/nmap.1 @@ -1,12 +1,12 @@ .\" Title: nmap -.\" Author: Gordon \(lqFyodor\(rq Lyon +.\" Author: [see the "Author" section] .\" Generator: DocBook XSL Stylesheets v1.74.0 -.\" Date: 05/12/2009 +.\" Date: 05/14/2009 .\" Manual: Nmap Reference Guide -.\" Source: Nmap First Edition +.\" Source: Nmap .\" Language: English .\" -.TH "NMAP" "1" "05/12/2009" "Nmap First Edition" "Nmap Reference Guide" +.TH "NMAP" "1" "05/14/2009" "Nmap" "Nmap Reference Guide" .\" ----------------------------------------------------------------- .\" * (re)Define some macros .\" ----------------------------------------------------------------- @@ -204,12 +204,12 @@ when it cannot determine which of the two states describe a port\&. The port tab In addition to the interesting ports table, Nmap can provide further information on targets, including reverse DNS names, operating system guesses, device types, and MAC addresses\&. .PP A typical Nmap scan is shown in -Example\ \&15.1\&. The only Nmap arguments used in this example are +Example\ \&1\&. The only Nmap arguments used in this example are \fB\-A\fR, to enable OS and version detection, script scanning, and traceroute; \fB\-T4\fR for faster execution; and then the two target hostnames\&. .PP -\fBExample\ \&15.1.\ \&A representative Nmap scan\fR +\fBExample\ \&1.\ \&A representative Nmap scan\fR .\" -A: example of .sp .if n \{\ @@ -261,8 +261,9 @@ Nmap done: 1 IP address (1 host up) scanned in 17\&.00 seconds .\} .PP The newest version of Nmap can be obtained from -\m[blue]\fB\%http://nmap.org\fR\m[]\&. The newest version of the man page is available at +\m[blue]\fB\%http://nmap.org\fR\m[]\&. The newest version of this man page is available at \m[blue]\fB\%http://nmap.org/book/man.html\fR\m[]\&. +It is also included as a chapter of Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning (see \m[blue]\fB\%http://nmap.org/book/\fR\m[])\&. .SH "Options Summary" .PP This options summary is printed when Nmap is run with no arguments, and the latest version is always available at @@ -1283,7 +1284,6 @@ extension; it will be added automatically if necessary\&. Nmap scripts are stored in a \FCscripts\F[] subdirectory of the Nmap data directory by default -Chapter\ \&14, Understanding and Customizing Nmap Data Files)\&. For efficiency, scripts are indexed in a database stored (see \m[blue]\fB\%http://nmap.org/book/data-files.html\fR\m[])\&. For efficiency, scripts are indexed in a database stored in @@ -2352,6 +2352,13 @@ since first sending a couple probes to determine whether a host is up is wastefu \fBnmap \-PN \-p80 \-oX logs/pb\-port80scan\&.xml \-oG logs/pb\-port80scan\&.gnmap 216\&.163\&.128\&.20/20\fR .PP This scans 4096 IPs for any web servers (without pinging them) and saves the output in grepable and XML formats\&. +.SH "Nmap Book" +.PP +While this reference guide details all material Nmap options, it can\'t fully demonstrate how to apply those features to quickly solve real\-world tasks\&. For that, we released +Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning\&. +Topics include subverting firewalls and intrusion detection systems, optimizing Nmap performance, and automating common networking tasks with the Nmap Scripting Engine\&. Hints and instructions are provided for common Nmap tasks such as taking network inventory, penetration testing, detecting rogue wireless access points, and quashing network worm outbreaks\&. Examples and diagrams show actual communication on the wire\&. More than half of the book is available free online\&. See +\m[blue]\fB\%http://nmap.org/book\fR\m[] +for more information\&. .SH "Bugs" .\" bugs, reporting .PP @@ -2374,7 +2381,9 @@ nmap\-dev (recommended) or to Fyodor directly\&. .SH "Author" .PP -Fyodor +Gordon +\(lqFyodor\(rq +Lyon \FCfyodor@insecure\&.org\F[] (\m[blue]\fB\%http://insecure.org\fR\m[]) .PP @@ -2472,7 +2481,7 @@ If you received these files with a written license agreement or contract stating This Nmap Reference Guide is (C) 2005\(en2009 Insecure\&.Com LLC\&. It is hereby placed under version 2\&.5 of the -\m[blue]\fBCreative Commons Attribution License\fR\m[]\&\s-2\u[14]\d\s+2\&. This allows you redistribute and modify the work as you desire, as long as you credit the original source\&. Alternatively, you may choose to treat this document as falling under the same license as Nmap itself (discussed previously)\&. +\m[blue]\fBCreative Commons Attribution License\fR\m[]\&\s-2\u[15]\d\s+2\&. This allows you redistribute and modify the work as you desire, as long as you credit the original source\&. Alternatively, you may choose to treat this document as falling under the same license as Nmap itself (discussed previously)\&. .SS "Source Code Availability and Community Contributions" .PP Source is provided to this software because we believe users have a right to know exactly what a program is going to do before they run it\&. This also allows you to audit the software for security holes (none have been found so far)\&. @@ -2500,48 +2509,31 @@ Nmap should never be installed with special privileges (e\&.g\&. suid root) for .SS "Third\-Party Software" .PP This product includes software developed by the -\m[blue]\fBApache Software Foundation\fR\m[]\&\s-2\u[15]\d\s+2\&. A modified version of the -\m[blue]\fBLibpcap portable packet capture library\fR\m[]\&\s-2\u[16]\d\s+2.\" libpcap +\m[blue]\fBApache Software Foundation\fR\m[]\&\s-2\u[16]\d\s+2\&. A modified version of the +\m[blue]\fBLibpcap portable packet capture library\fR\m[]\&\s-2\u[17]\d\s+2.\" libpcap is distributed along with Nmap\&. The Windows version of Nmap utilized the Libpcap\-derived -\m[blue]\fBWinPcap library\fR\m[]\&\s-2\u[17]\d\s+2.\" WinPcap +\m[blue]\fBWinPcap library\fR\m[]\&\s-2\u[18]\d\s+2.\" WinPcap instead\&. Regular expression support is provided by the -\m[blue]\fBPCRE library\fR\m[]\&\s-2\u[18]\d\s+2,.\" Perl Compatible Regular Expressions (PCRE) +\m[blue]\fBPCRE library\fR\m[]\&\s-2\u[19]\d\s+2,.\" Perl Compatible Regular Expressions (PCRE) which is open\-source software, written by Philip Hazel\&..\" Hazel, Philip Certain raw networking functions use the -\m[blue]\fBLibdnet\fR\m[]\&\s-2\u[19]\d\s+2.\" libdnet +\m[blue]\fBLibdnet\fR\m[]\&\s-2\u[20]\d\s+2.\" libdnet networking library, which was written by Dug Song\&..\" Song, Dug A modified version is distributed with Nmap\&. Nmap can optionally link with the -\m[blue]\fBOpenSSL cryptography toolkit\fR\m[]\&\s-2\u[20]\d\s+2.\" OpenSSL +\m[blue]\fBOpenSSL cryptography toolkit\fR\m[]\&\s-2\u[21]\d\s+2.\" OpenSSL for SSL version detection support\&. The Nmap Scripting Engine uses an embedded version of the -\m[blue]\fBLua programming language\fR\m[]\&\s-2\u[21]\d\s+2\&..\" Lua programming language +\m[blue]\fBLua programming language\fR\m[]\&\s-2\u[22]\d\s+2\&..\" Lua programming language All of the third\-party software described in this paragraph is freely redistributable under BSD\-style software licenses\&. .SS "United States Export Control.\" export control" .PP Nmap only uses encryption when compiled with the optional OpenSSL support and linked with OpenSSL\&. When compiled without OpenSSL support, Insecure\&.Com LLC believes that Nmap is not subject to U\&.S\&. -\m[blue]\fBExport Administration Regulations (EAR)\fR\m[]\&\s-2\u[22]\d\s+2 +\m[blue]\fBExport Administration Regulations (EAR)\fR\m[]\&\s-2\u[23]\d\s+2 export control\&. As such, there is no applicable ECCN (explort control classification number) and exportation does not require any special license, permit, or other governmental authorization\&. .PP When compiled with OpenSSL support or distributed as source code, Insecure\&.Com LLC believes that Nmap falls under U\&.S\&. ECCN -\m[blue]\fB5D002\fR\m[]\&\s-2\u[23]\d\s+2 +\m[blue]\fB5D002\fR\m[]\&\s-2\u[24]\d\s+2 (\(lqInformation Security Software\(rq)\&. We distribute Nmap under the TSU exception for publicly available encryption software defined in -\m[blue]\fBEAR 740\&.13(e)\fR\m[]\&\s-2\u[24]\d\s+2\&. -.SH "Author" -.PP -\fBGordon \(lqFyodor\(rq Lyon\fR -.RS 4 -Author. -.RE -.SH "Copyright" -.br -.PP -Copyright \(co 2009 by Insecure.Com LLC. All rights reserved, except where noted. -.PP -Copyright \(co 2009 by Insecure.Com LLC. All rights reserved. Except where noted otherwise in this work, no part may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, recording, or by any information storage or retrieval system, without the prior written permission of the copyright owner. -.PP -Nmap is a registered trademark of Insecure.Com LLC. Other product and company names mentioned herein may be the trademarks of their respective owners. Where those designations appear in this book, and the publisher was aware of a trademark claim, the designations have been printed with initial capital letters or in all capitals. -.PP -The authors and publisher have taken care in the preparation of this book, but make no expressed or implied warranty of any kind and assume no responsibility for errors or omissions. No liability is assumed for incidental or consequential damages in connection with or arising out of the use of the information or programs contained herein. -.sp +\m[blue]\fBEAR 740\&.13(e)\fR\m[]\&\s-2\u[25]\d\s+2\&. .SH "Notes" .IP " 1." 4 RFC 1122 @@ -2609,56 +2601,63 @@ listed at Wikipedia \%http://en.wikipedia.org/wiki/List_of_IPv6_tunnel_brokers .RE .IP "14." 4 +Nmap + Network Scanning: The Official Nmap Project Guide to Network + Discovery and Security Scanning +.RS 4 +\%http://nmap.org/book/ +.RE +.IP "15." 4 Creative Commons Attribution License .RS 4 \%http://creativecommons.org/licenses/by/2.5/ .RE -.IP "15." 4 +.IP "16." 4 Apache Software Foundation .RS 4 \%http://www.apache.org .RE -.IP "16." 4 +.IP "17." 4 Libpcap portable packet capture library .RS 4 \%http://www.tcpdump.org .RE -.IP "17." 4 +.IP "18." 4 WinPcap library .RS 4 \%http://www.winpcap.org .RE -.IP "18." 4 +.IP "19." 4 PCRE library .RS 4 \%http://www.pcre.org .RE -.IP "19." 4 +.IP "20." 4 Libdnet .RS 4 \%http://libdnet.sourceforge.net .RE -.IP "20." 4 +.IP "21." 4 OpenSSL cryptography toolkit .RS 4 \%http://www.openssl.org .RE -.IP "21." 4 +.IP "22." 4 Lua programming language .RS 4 \%http://www.lua.org .RE -.IP "22." 4 +.IP "23." 4 Export Administration Regulations (EAR) .RS 4 \%http://www.access.gpo.gov/bis/ear/ear_data.html .RE -.IP "23." 4 +.IP "24." 4 5D002 .RS 4 \%http://www.access.gpo.gov/bis/ear/pdf/ccl5-pt2.pdf .RE -.IP "24." 4 +.IP "25." 4 EAR 740.13(e) .RS 4 \%http://www.access.gpo.gov/bis/ear/pdf/740.pdf diff --git a/docs/refguide.xml b/docs/refguide.xml index 453f291b7..723130a62 100644 --- a/docs/refguide.xml +++ b/docs/refguide.xml @@ -124,10 +124,14 @@ Nmap done: 1 IP address (1 host up) scanned in 17.00 seconds -The newest version of Nmap can be obtained from . The newest version of the man -page is available at . +The newest version of Nmap can be obtained from +. The newest version of this man page +is available at . +It is also included as a chapter of Nmap Network +Scanning: The Official Nmap Project Guide to Network Discovery and +Security Scanning (see +). + @@ -2085,13 +2089,13 @@ it will be added automatically if necessary. script databasescript.db scripts, location of + Nmap scripts are stored in a scripts subdirectory of the Nmap data directory by default -). For efficiency, scripts are indexed in -a database stored (see ). -(see ). For efficiency, -scripts are indexed in a database stored +(see ). +For efficiency, scripts are indexed in +a database stored in scripts/script.db,script.db which lists the category or categories in which each script belongs. @@ -4147,6 +4151,31 @@ overwhelming requests. Specify to only see + + + Nmap Book + + While this reference guide details all material Nmap + options, it can't fully demonstrate how to apply those features to + quickly solve real-world tasks. For that, we + released Nmap Network Scanning: The Official + Nmap Project Guide to Network Discovery and Security + Scanning.Nmap + Network Scanning: The Official Nmap Project Guide to Network + Discovery and Security Scanning. Topics + include subverting firewalls and intrusion detection systems, + optimizing Nmap performance, and automating common networking + tasks with the Nmap Scripting Engine. Hints and instructions are + provided for common Nmap tasks such as taking network inventory, + penetration testing, detecting rogue wireless access points, and + quashing network worm outbreaks. Examples and diagrams show + actual communication on the wire. More than half of the book is + available free online. See + for more information. + + + + Bugs bugs, reporting @@ -4180,7 +4209,7 @@ overwhelming requests. Specify to only see Author - Fyodor + Gordon Fyodor Lyon fyodor@insecure.org ()