returning floating-point seconds. Everywhere o.TimeSinceStartMS was
called, the return value was being divided by 1000.0, which had the same
effect but would overflow when the difference exceeded about 25 days
(2^31 milliseconds). This patch is by Daniel Miller.

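As an added illustration of the overflow described above (this is not Nmap's code; the function names are hypothetical), the following C program keeps the elapsed time as a 32-bit millisecond count the way the old call sites effectively did, detects the point at which that count no longer fits, and shows the floating-point-seconds form that has no such limit:

```c
#include <stdint.h>
#include <stdio.h>
#include <sys/time.h>

/* Added example, not Nmap's code.  Shows why an elapsed time held as a
 * 32-bit millisecond count fails after about 25 days (2^31 ms) while the
 * floating-point-seconds form does not.  Function names are hypothetical. */

/* Millisecond difference a - b as a 32-bit int, the shape of the old call
 * sites.  The arithmetic is done in int64_t so the overflow can be detected
 * and reported (returns 0, *out untouched) instead of wrapping: signed
 * overflow in C is undefined behaviour, so it must never actually happen. */
static int timeval_msec_diff_i32(const struct timeval *a,
                                 const struct timeval *b, int32_t *out) {
    int64_t ms = ((int64_t)a->tv_sec - (int64_t)b->tv_sec) * 1000
               + ((int64_t)a->tv_usec - (int64_t)b->tv_usec) / 1000;
    if (ms > INT32_MAX || ms < INT32_MIN)
        return 0;
    *out = (int32_t)ms;
    return 1;
}

/* Elapsed time as floating-point seconds: no intermediate integer
 * millisecond count, so no 2^31 limit. */
static double timeval_seconds_since(const struct timeval *now,
                                    const struct timeval *start) {
    return (double)(now->tv_sec - start->tv_sec)
         + (double)(now->tv_usec - start->tv_usec) / 1000000.0;
}

/* First whole day of uptime at which the int32 millisecond form no longer
 * fits; the floating-point form is still fine at that point. */
static int first_overflow_day(void) {
    struct timeval start = { 0, 0 }, now = { 0, 0 };
    int32_t ms;
    for (int day = 1; ; day++) {
        now.tv_sec = (time_t)day * 86400;
        if (!timeval_msec_diff_i32(&now, &start, &ms))
            return day;
    }
}

int main(void) {
    struct timeval start = { 0, 0 }, now = { 0, 0 };
    int day = first_overflow_day();
    now.tv_sec = (time_t)day * 86400;
    printf("int32 milliseconds overflow on day %d; as seconds: %.1f\n",
           day, timeval_seconds_since(&now, &start));
    return 0;
}
```

The detecting variant is the defensive pattern to keep in mind whenever a duration is squeezed into a 32-bit integer: compute in a wider type and reject what does not fit, rather than relying on a divide-by-1000.0 at the call site that happens too late.
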
was to hide command line arguments from the process list. It had
been broken (would segfault during the second scan) since before May
2009 until February 2010 and was rarely used. The fact that it was
broken was reported by Juan Carlos Castro y Castro.
See http://seclists.org/nmap-dev/2009/q2/464 and
http://seclists.org/nmap-dev/2010/q1/688 for report and discussion.

This establishes a more regular syntax for some options that disable
phases of a scan:
-n no reverse DNS
-Pn no host discovery
-sn no port scan
Also, -sP was possibly misleading because the 'P' suggests "ping
scan," when you can now do more than just pinging when you disable port
scanning. For example, -sC -sn and -sn -Pn --traceroute make sense.

currently recommended way to disable both host discovery and port
scanning. The only other phase that can run in the absence of these two
is NSE, and then with host scripts only. -sP should not be thought of as
"ping scan" but as "don't port scan," because more than a ping scan can
happen when you use it. More reasonable and mnemonic options for
disabling these phases will be forthcoming.

a layer 4 protocol used mostly for telephony-related applications.
This brings the following new features:
o SCTP INIT chunk port scan (-sY): open ports return an INIT-ACK
chunk, closed ones an ABORT chunk. This is the SCTP equivalent
of a TCP SYN stealth scan.
o SCTP COOKIE-ECHO chunk port scan (-sZ): open ports are silent,
closed ports return an ABORT chunk.
o SCTP INIT chunk ping probes (-PY): host discovery using SCTP
INIT chunk packets.
o SCTP-specific IP protocol scan (-sO -p sctp).
o SCTP-specific traceroute support (--traceroute).
o The ability to use the deprecated Adler32 algorithm as specified
in RFC 2960 instead of CRC32C from RFC 4960 (--adler32).
o 42 well-known SCTP ports were added to the nmap-services file.
Part of the work on SCTP support was kindly sponsored by
Compass Security AG, Switzerland. [Daniel Roethlisberger]

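The following C program is an added example, not Nmap's code, covering two of the items above: the checksum that --adler32 switches between (CRC32C from RFC 4960 versus the deprecated Adler-32 from RFC 2960) and the response-to-state mapping for the -sY and -sZ scans. The packet bytes are constructed in the program; the CRC32C field placement (little-endian in the packet) follows RFC 4960 Appendix B, while using the same placement for Adler-32 is an assumption of this example. Names such as sctp_port_state and build_packet are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Added example, not Nmap's code.  Computes and verifies the SCTP packet
 * checksum with CRC32C (RFC 4960) or the deprecated Adler-32 (RFC 2960),
 * reads the first chunk type of a response, and maps (scan type, response)
 * to a port state as described for -sY and -sZ.  Packet bytes are
 * constructed here; all function names are hypothetical. */

enum { SCTP_INIT = 1, SCTP_INIT_ACK = 2, SCTP_ABORT = 6, SCTP_COOKIE_ECHO = 10 };
enum { SCAN_INIT, SCAN_COOKIE_ECHO };
enum { PORT_OPEN, PORT_CLOSED, PORT_FILTERED, PORT_OPEN_OR_FILTERED, PORT_UNKNOWN };
#define NO_RESPONSE (-1)
#define CSUM_OFFSET 8     /* checksum field in the 12-byte common header */
#define SCTP_HDR_LEN 12
#define MAX_PKT 1500

/* CRC32C: reflected polynomial 0x82F63B78, init and final XOR 0xFFFFFFFF. */
static uint32_t crc32c(const uint8_t *p, size_t n) {
    uint32_t crc = 0xFFFFFFFFu;
    for (size_t i = 0; i < n; i++) {
        crc ^= p[i];
        for (int k = 0; k < 8; k++)
            crc = (crc >> 1) ^ (0x82F63B78u & (0u - (crc & 1u)));
    }
    return ~crc;
}

/* Adler-32 (RFC 1950), the checksum RFC 2960 originally specified. */
static uint32_t adler32(const uint8_t *p, size_t n) {
    uint32_t a = 1, b = 0;
    for (size_t i = 0; i < n; i++) {
        a = (a + p[i]) % 65521u;
        b = (b + a) % 65521u;
    }
    return (b << 16) | a;
}

/* Checksum over the whole packet with the checksum field zeroed. */
static uint32_t sctp_checksum(const uint8_t *pkt, size_t len, int use_adler32) {
    uint8_t tmp[MAX_PKT];
    if (len < SCTP_HDR_LEN || len > MAX_PKT) return 0;
    memcpy(tmp, pkt, len);
    memset(tmp + CSUM_OFFSET, 0, 4);
    return use_adler32 ? adler32(tmp, len) : crc32c(tmp, len);
}

/* RFC 4960 Appendix B stores the CRC32C little-endian in the packet; this
 * example assumes the same placement for Adler-32. */
static void sctp_set_checksum(uint8_t *pkt, size_t len, int use_adler32) {
    uint32_t c = sctp_checksum(pkt, len, use_adler32);
    for (int i = 0; i < 4; i++) pkt[CSUM_OFFSET + i] = (uint8_t)(c >> (8 * i));
}

static int sctp_checksum_ok(const uint8_t *pkt, size_t len, int use_adler32) {
    uint32_t stored = 0;
    if (len < SCTP_HDR_LEN) return 0;
    for (int i = 0; i < 4; i++) stored |= (uint32_t)pkt[CSUM_OFFSET + i] << (8 * i);
    return stored == sctp_checksum(pkt, len, use_adler32);
}

/* Type byte of the first chunk, or NO_RESPONSE if there is no chunk header. */
static int sctp_first_chunk_type(const uint8_t *pkt, size_t len) {
    return len >= SCTP_HDR_LEN + 4 ? pkt[SCTP_HDR_LEN] : NO_RESPONSE;
}

/* Port state inferred from the probe sent and the chunk that came back. */
static int sctp_port_state(int scan, int chunk_type) {
    if (chunk_type == SCTP_ABORT) return PORT_CLOSED;
    if (scan == SCAN_INIT)
        return chunk_type == SCTP_INIT_ACK ? PORT_OPEN
             : chunk_type == NO_RESPONSE ? PORT_FILTERED : PORT_UNKNOWN;
    if (scan == SCAN_COOKIE_ECHO)  /* open is silent, but so is a filter */
        return chunk_type == NO_RESPONSE ? PORT_OPEN_OR_FILTERED : PORT_UNKNOWN;
    return PORT_UNKNOWN;
}

/* Constructed 16-byte packet: ports 12345->80, vtag 0, one bare chunk header. */
static size_t build_packet(uint8_t *pkt, uint8_t chunk_type, int use_adler32) {
    const uint8_t raw[16] = { 0x30, 0x39, 0x00, 0x50, 0, 0, 0, 0, 0, 0, 0, 0,
                              chunk_type, 0x00, 0x00, 0x04 };
    memcpy(pkt, raw, 16);
    sctp_set_checksum(pkt, 16, use_adler32);
    return 16;
}

/* A correctly checksummed INIT-ACK verifies and classifies as open for -sY;
 * flipping one bit of the chunk type then fails verification.  Returns 1
 * when both hold. */
static int demo(int use_adler32) {
    uint8_t pkt[MAX_PKT];
    size_t len = build_packet(pkt, SCTP_INIT_ACK, use_adler32);
    int ok = sctp_checksum_ok(pkt, len, use_adler32)
          && sctp_port_state(SCAN_INIT, sctp_first_chunk_type(pkt, len)) == PORT_OPEN;
    pkt[SCTP_HDR_LEN] ^= 0x01;
    return ok && !sctp_checksum_ok(pkt, len, use_adler32);
}

int main(void) {
    printf("crc32c  round trip: %s\n", demo(0) ? "ok" : "FAIL");
    printf("adler32 round trip: %s\n", demo(1) ? "ok" : "FAIL");
    return 0;
}
```

A receiver that still validates with Adler-32 silently drops every CRC32C packet and vice versa, which is the whole reason the option exists; when scan results against an SCTP host look like uniform "filtered", the checksum algorithm is the first thing to check.
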
inserts null characters it was effectively truncating the option
argument value after it was done with it. So --script=a,b,c would become
--script=a in log files.

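The truncation mechanism described above, as an added C example that is not Nmap's code: an in-place tokenizer such as strtok() overwrites each delimiter with '\0', so whatever later prints the same buffer sees only the first token; tokenizing a private copy keeps the original value intact. The function names are hypothetical.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Added example, not Nmap's code.  Shows how an in-place tokenizer writes
 * '\0' into its input, so an option value "a,b,c" later appears as "a"
 * wherever that buffer is printed, and the copy-first fix. */

/* Counts comma-separated entries by tokenizing the caller's buffer in place.
 * Side effect: every ',' strtok() passes is overwritten with '\0'. */
static int count_entries_in_place(char *buf) {
    int n = 0;
    for (char *tok = strtok(buf, ","); tok != NULL; tok = strtok(NULL, ","))
        n++;
    return n;
}

/* Same count, but tokenizes a private copy; the caller's buffer is untouched.
 * Returns -1 on allocation failure. */
static int count_entries_copy(const char *value) {
    size_t len = strlen(value) + 1;
    char *copy = malloc(len);
    if (copy == NULL) return -1;
    memcpy(copy, value, len);
    int n = count_entries_in_place(copy);
    free(copy);
    return n;
}

/* Parses an option value, then formats the log line from the same buffer,
 * as a program that logs its options after parsing them would.  Returns how
 * many characters of the value survived into the log line. */
static size_t logged_value_len(const char *value, int use_copy) {
    char buf[128];
    char line[160];
    snprintf(buf, sizeof buf, "%s", value);
    if (use_copy)
        count_entries_copy(buf);
    else
        count_entries_in_place(buf);
    snprintf(line, sizeof line, "--script=%s", buf);  /* the later log write */
    return strlen(line) - strlen("--script=");
}

int main(void) {
    printf("in place: %zu of 5 value characters reach the log\n",
           logged_value_len("a,b,c", 0));
    printf("copy:     %zu of 5 value characters reach the log\n",
           logged_value_len("a,b,c", 1));
    return 0;
}
```
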
scan on Windows with --unprivileged. Previously Nmap assumed that the only way
o.isr00t could be false on Windows was if pcap functions were not available, so
the user would get the false message "requires that WinPcap version 3.1 or
higher...". NmapOps now has a state variable have_pcap so the meaning of isr00t
isn't overloaded.

Fyodor got the warning
  NmapOps.cc: In function ‘char* filename_to_url(const char*)’:
  NmapOps.cc:195: warning: comparison is always true due to limited range of data type
and later a segmentation fault.

o Nsock now supports binding to a local address and setting IPv4 options
with nsi_set_localaddr() and nsi_set_ipoptions(), respectively. [Kris]
o Nmap's Nsock-utilizing subsystems (DNS, NSE, version detection) have been
updated to support the -S and --ip-options flags. [Kris]
o Added the undocumented (except here) --nogcc option which disables
global/group congestion control algorithms and so each member of a
scan group of machines is treated separately. This is just an
experimental option for now. [Fyodor]

Previously the ping probe data structures were stored in NmapOps,
now they will be stored in the scan_lists struct. All other changes are
auxiliary to this reorganization.