currently recommended way to disable both host discovery and port
scanning. The only other phase that can run in the absence of these two
is NSE, and then with host scripts only. -sP should not by thought of as
"ping scan" but as "don't port scan," because more than a ping scan can
happen when you use it. More reasonable and mnemonic options for
disabling these phases will be forthcoming.
a layer 4 protocol used mostly for telephony related applications.
This brings the following new features:
o SCTP INIT chunk port scan (-sY): open ports return an INIT-ACK
chunk, closed ones an ABORT chunk. This is the SCTP equivalent
of a TCP SYN stealth scan.
o SCTP COOKIE-ECHO chunk port scan (-sZ): open ports are silent,
closed ports return an ABORT chunk.
o SCTP INIT chunk ping probes (-PY): host discovery using SCTP
INIT chunk packets.
o SCTP-specific IP protocol scan (-sO -p sctp).
o SCTP-specific traceroute support (--traceroute).
o The ability to use the deprecated Adler32 algorithm as specified
in RFC 2960 instead of CRC32C from RFC 4960 (--adler32).
o 42 well-known SCTP ports were added to the nmap-services file.
Part of the work on SCTP support was kindly sponsored by
Compass Security AG, Switzerland. [Daniel Roethlisberger]
inserts null characters it was effectively truncating the option
argument value after it was done with it. So --script=a,b,c would become
--script=a in log files.
scan on Windows with --unprivileged. Previously Nmap assumed that the only way
o.isr00t could be false on Windows was if pcap functions were not available, so
the user would get the false message "requires that WinPcap version 3.1 or
higher...". NmapOps now has a state variable have_pcap so the meaning of isr00t
isn't overloaded.
Fyodor got the warning
NmapOps.cc: In function âchar* filename_to_url(const char*)â:
NmapOps.cc:195: warning: comparison is always true due to limited range of data type
and later a segmentation fault.
o Nsock now supports binding to a local address and setting IPv4 options
with nsi_set_localaddr() and nsi_set_ipoptions(), respectively. [Kris]
o Nmap's Nsock-utilizing subsystems (DNS, NSE, version detection) have been
updated to support the -S and --ip-options flags. [Kris]
o Added the undocumented (except here) --nogcc option which disables
global/group congestion control algorithms and so each member of a
scan group of machines is treated separately. This is just an
experimental option for now. [Fyodor]
Previously the ping probe data structures were stored in NmapOps,
now they will be stored in the scan_lists struct. All other changes
auxiliary to this reorganization.
This is the merging of the code that was previously in
/nmap-exp/david/nmap-massping-migration. These are all the big changes
that get rid of massping in favor of doing host discovery using
ultra_scan.
For now, there is a toggle that turns these new changes off. Undefine
NEW_MASSPING in targets.cc to go back to the old code. All of that will
be deleted eventually.
There are likely a few more changes that will be made to this system in
the near future. Those will be made in
/nmap-exp/david/nmap-massping-migration and merged back.
Don't release this just yet, because I'm going to make a few more
commits real quick to remove some debugging stuff.
(Note to self: this merge back was from r5693 in
/nmap-exp/david/nmap-massping-migration.)
