Submitted by: maintainer
Reviewed by:
Approved by:
Obtained from:
MFC after:
1. Upgrade Nmap to 3.30, which released at Jun 29, 2003. Major enchancement is
OS fingerprints update. The fingerprint DB now contains almost 1000
fingerprints.
See ChangeLog at this link:
http://lists.insecure.org/lists/nmap-hackers/2003/Apr-Jun/0016.html
2. Renamed the patch files to be more descriptive.
The nmap port is not building correctly where libgnugetopt is
installed. This patch fixes the problem, please add it to the
files directory.
PR: ports/50894
Submitted by: marius@alchemy.franken.de
Approved by: Dominic Marks <dom@cus.org.uk>
a separate port for nmapfe. Even though the attempt in the nmap port
mostly fails since no nmapfe executable would have been built, files
not appearing in the pkg-plist were being added to the system.
PR: ports/35207
Approved by: obrien
uses this make file. It should not try to strip the ${PREFIX}/bin/nmap
executable. The install of nmapfe would fail if nmap did not exist.
PR: ports/35207
Approved by: obrien
The coolest feature is a new scan type -- Idlescan!
The quick synopsis is that this is a completely blind scan (meaning no
packets are sent to the target from your real IP address). Instead, a
unique side-channel attack exploits predictable "IP fragmentation ID"
sequence generation on the zombie host to glean information about the
open ports on the target.
-- Added a whole bunch of new OS fingerprints (and adjustments)
ranging from big important ones (Linux 2.4.X, OpenBSD 2.9, FreeBSD
4.3, Cisco 12.2.1, MacOS X, etc) to some that are more obscure (
such as Apple Color LaserWriter 12/660 PS and VirtualAccess
LinxpeedPro 120 )
-- Tweaked TCP Timestamp and IP.ID sequence classification algorithms
+ fixes a problem that kept UDP RPC scanning from working unless you were
also doing a TCP scan.
+ updated to latest version of rpc program number list
* Added ACK scanning. This scan technique is great for testing firewall
rulesets. It can NOT find open ports, but it can distinguish between
filtered/unfilterd by sending an ACK packet to each port and waiting for
a RST to come back. Filtered ports will not send back a RST (or will
send ICMP unreachables). This scan type is activated with -sA .
* Documented the Window scan (-sW)
* "Protocol" field in output eliminated. It is now printed right
next to the number (/etc/services style). Like "22/tcp".
* Added --resume option to continue a large network scan where you left off.
It also allows you to start and stop for policy reasons
