Notable upstream changes:
* new help/usage screen and man page
* new man page currently only available in en, pt_PT and pt_BR
* nmapfe is now a shiny GTK2 application
Submitted by: Daniel Roethlisberger <daniel@roe.ch> (maintainer)
PR: ports/90371
- improved version detection
- integrates most FreeBSD fixes, thanks to
Marius Strobl <marius@alchemy.franken.de>
- install localized man pages
PR: ports/57646
Submitted by: Oliver Eikemeier <eikemeier@fillmore-labs.com>
Submitted by: maintainer
1. Upgrade Nmap to 3.30, which was released on Jun 29, 2003. The major enhancement is
an OS fingerprints update. The fingerprint DB now contains almost 1000
fingerprints.
See ChangeLog at this link:
http://lists.insecure.org/lists/nmap-hackers/2003/Apr-Jun/0016.html
2. Renamed the patch files to be more descriptive.
The coolest feature is a new scan type -- Idlescan!
The quick synopsis is that this is a completely blind scan (meaning no
packets are sent to the target from your real IP address). Instead, a
unique side-channel attack exploits predictable "IP fragmentation ID"
sequence generation on the zombie host to glean information about the
open ports on the target.
-- Added a whole bunch of new OS fingerprints (and adjustments)
ranging from big important ones (Linux 2.4.X, OpenBSD 2.9, FreeBSD
4.3, Cisco 12.2.1, MacOS X, etc) to some that are more obscure
(such as Apple Color LaserWriter 12/660 PS and VirtualAccess
LinxpeedPro 120)
-- Tweaked TCP Timestamp and IP.ID sequence classification algorithms
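
An added example, not part of the commit log and not Nmap's code: a defender-side check of whether IP IDs sampled from replies of a host you administer follow a predictable counter, which is the property the Idlescan description above depends on. The class names, the `max_step` threshold and the sample sequences are assumptions constructed for illustration.

```python
def deltas(ids):
    """Differences between consecutive 16-bit IP IDs, modulo 65536 (handles wraparound)."""
    return [(b - a) & 0xFFFF for a, b in zip(ids, ids[1:])]

def swap16(v):
    """Byte-swap a 16-bit value, for hosts that emit the counter in little-endian order."""
    return ((v & 0xFF) << 8) | (v >> 8)

def classify_ipid(ids, max_step=10):
    """Return a coarse class for IP IDs sampled from consecutive replies of one host.

    max_step is an assumed bound on how far a global counter advances between
    probes on a mostly idle host; it is not a value taken from Nmap.
    """
    if len(ids) < 3:
        raise ValueError("need at least 3 samples")
    if all(v == 0 for v in ids):
        return "all-zero"
    if len(set(ids)) == 1:
        return "constant"
    if all(1 <= d <= max_step for d in deltas(ids)):
        return "incremental"
    if all(1 <= d <= max_step for d in deltas([swap16(v) for v in ids])):
        return "incremental-byteswapped"
    return "unpredictable"

def predictable(ids):
    """True when a third party can guess the next IP ID from earlier ones."""
    return classify_ipid(ids).startswith("incremental")

# Constructed sample sequences, not captured from real hosts.
SAMPLES = {
    "global counter": [4021, 4022, 4023, 4025, 4026],
    "wraps at 65535": [65534, 65535, 0, 1, 2],
    "little-endian counter": [0x0100, 0x0200, 0x0300, 0x0400],
    "randomized": [51234, 1207, 33891, 60002, 915],
    "all zero": [0, 0, 0, 0],
}

if __name__ == "__main__":
    for name, ids in SAMPLES.items():
        print(f"{name:22} {classify_ipid(ids):24} predictable={predictable(ids)}")
```

A host that reports `incremental` or `incremental-byteswapped` here leaks its packet count through the IP ID field; randomized or zeroed IP IDs remove that side channel.
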
+ fixes a problem that kept UDP RPC scanning from working unless you were
also doing a TCP scan.
+ updated to latest version of rpc program number list
* Added ACK scanning. This scan technique is great for testing firewall
rulesets. It can NOT find open ports, but it can distinguish between
filtered/unfiltered by sending an ACK packet to each port and waiting for
a RST to come back. Filtered ports will not send back a RST (or will
send ICMP unreachables). This scan type is activated with -sA.
* Documented the Window scan (-sW)
* "Protocol" field in output eliminated. It is now printed right
next to the number (/etc/services style). Like "22/tcp".
* Added --resume option to continue a large network scan where you left off.
It also allows you to start and stop for policy reasons