tval2msecs and tval2secs. This affects the following options:
Nmap:
--host-timeout
--max-rtt-timeout --min-rtt-timeout --initial-rtt-timeout
--scan-delay --max-scan-delay
--stats-every
Ncat:
-d --delay
-i --idle-timeout
-w --wait
Nping:
--delay
--host-timeout
--icmp-orig-time --icmp-recv-time --icmp-trans-time
Some sanity checks have been added when it looks like someone is using
the old default of milliseconds. For example,
$ ./nmap --host-timeout 10000
The default unit for --host-timeout is seconds (since April 2010), so your time of "10000" is 2.8 hours. If this is what you want, use "10000s".
QUITTING!
$ ./nmap --scan-delay 1000
The default unit for --scan-delay is seconds (since April 2010), so your time of "1000" is 16.7 minutes. Use "1000ms" for 1000 milliseconds.
QUITTING!
Times with a unit are always taken at face value and will avoid the
error message.
See http://seclists.org/nmap-dev/2010/q2/159 for discussion.
was to hide command line arguments from the process list. It had
been broken (would segfault during the second scan) since before May
2009 until February 2010 and was rarely used. The fact that it was
broken was reported by Juan Carlos Castro y Castro.
See http://seclists.org/nmap-dev/2009/q2/464 and
http://seclists.org/nmap-dev/2010/q1/688 for report and discussion.
This establishes a more regular syntax for some options that disable
phases of a scan:
-n no reverse DNS
-Pn no host discovery
-sn no port scan
Also, the -sP was possibly misleading because the 'P' suggests "ping
scan," when you can now do more than just pinging when you disable port
scanning. For example, -sC -sn and -sn -Pn --traceroute make sense.
while still mentioning that "ping scan" is a common term. Mention the
use of -PN and -sP together to run NSE host scripts without ping and
port scanning.
error
You can't use --max-parallelism with --scan-delay.
QUITTING!
to a warning
Warning: --min-parallelism and --max-parallelism are ignored with --scan-delay.
a layer 4 protocol used mostly for telephony related applications.
This brings the following new features:
o SCTP INIT chunk port scan (-sY): open ports return an INIT-ACK
chunk, closed ones an ABORT chunk. This is the SCTP equivalent
of a TCP SYN stealth scan.
o SCTP COOKIE-ECHO chunk port scan (-sZ): open ports are silent,
closed ports return an ABORT chunk.
o SCTP INIT chunk ping probes (-PY): host discovery using SCTP
INIT chunk packets.
o SCTP-specific IP protocol scan (-sO -p sctp).
o SCTP-specific traceroute support (--traceroute).
o The ability to use the deprecated Adler32 algorithm as specified
in RFC 2960 instead of CRC32C from RFC 4960 (--adler32).
o 42 well-known SCTP ports were added to the nmap-services file.
Part of the work on SCTP support was kindly sponsored by
Compass Security AG, Switzerland. [Daniel Roethlisberger]
