see http://seclists.org/nmap-dev/2013/q4/168
Move some includes out of nmap.h: nmap.h gets included lots of places,
and unconditionally included math.h, ctype.h, errno.h, stdio.h,
sys/stat.h, fcntl.h, sys/types.h, and stdarg.h. This commit moves those
includes into the .cc files where they are necessary and out of nmap.h
Remove redundant include global_structures.h, included from nmap.h
Removed redundant code included from nmap.h
Removing #include nbase.h when nmap.h is included (redundant)
Remove duplicate #include lines
Add ifndef guards to a few .h files
for file in `grep "* including the terms and conditions of this license text as well. \*" * -r --files-with-match `; do sed "s/\* including the terms and conditions of this license text as well. \*/* including the terms and conditions of this license text as well. */g" -i $file; done
Setting --min-parallelism without also setting --max-parallelism would
force the max parallelism to the same value. So, for example,
--min-parallelism=1 would also limit the max parallelism to 1. This
patch, based on one by Chris Woodbury, allows the max parallelism to
rise above this minimum, up to the maximum defined by each scan phase.
svn merge --ignore-ancestry svn://svn.insecure.org/nmap@26621 svn://svn.insecure.org/nmap-exp/luis/nmap-os6
This is the IPv6 OS detection branch. "nmap -6 -O" works now, though at
this point it only prints fingerprints and not OS guesses, because we
need to collect more submissions.
Nmap delays parsing for options that require knowledge of other options that
the user might have supplied in order to make informed decisions. This is
achieved by using a temporary storage place in which options that can't be
correctly parsed and interpreted without having full knowledge of all other
user supplied command line arguments like -S and -6.
returning floating-point seconds. Everywhere o.TimeSinceStartMS was
called, the return value was being divided by 1000.0, which had the same
effect but would overflow when the difference exceeded about 25 days
(2^31 milliseconds). This patch is by Daniel Miller.
was to hide command line arguments from the process list. It had
been broken (would segfault during the second scan) since before May
2009 until February 2010 and was rarely used. The fact that it was
broken was reported by Juan Carlos Castro y Castro.
See http://seclists.org/nmap-dev/2009/q2/464 and
http://seclists.org/nmap-dev/2010/q1/688 for report and discussion.
This establishes a more regular syntax for some options that disable
phases of a scan:
-n no reverse DNS
-Pn no host discovery
-sn no port scan
Also, the -sP was possibly misleading because the 'P' suggests "ping
scan," when you can now do more than just pinging when you disable port
scanning. For example, -sC -sn and -sn -Pn --traceroute make sense.
currently recommended way to disable both host discovery and port
scanning. The only other phase that can run in the absence of these two
is NSE, and then with host scripts only. -sP should not by thought of as
"ping scan" but as "don't port scan," because more than a ping scan can
happen when you use it. More reasonable and mnemonic options for
disabling these phases will be forthcoming.
a layer 4 protocol used mostly for telephony related applications.
This brings the following new features:
o SCTP INIT chunk port scan (-sY): open ports return an INIT-ACK
chunk, closed ones an ABORT chunk. This is the SCTP equivalent
of a TCP SYN stealth scan.
o SCTP COOKIE-ECHO chunk port scan (-sZ): open ports are silent,
closed ports return an ABORT chunk.
o SCTP INIT chunk ping probes (-PY): host discovery using SCTP
INIT chunk packets.
o SCTP-specific IP protocol scan (-sO -p sctp).
o SCTP-specific traceroute support (--traceroute).
o The ability to use the deprecated Adler32 algorithm as specified
in RFC 2960 instead of CRC32C from RFC 4960 (--adler32).
o 42 well-known SCTP ports were added to the nmap-services file.
Part of the work on SCTP support was kindly sponsored by
Compass Security AG, Switzerland. [Daniel Roethlisberger]
inserts null characters it was effectively truncating the option
argument value after it was done with it. So --script=a,b,c would become
--script=a in log files.
