Peter Postma.
OpenNTPd is a free implementation of the Network Time Protocol.
It provides the ability to sync the local clock to remote NTP servers and
can act as NTP server itself, redistributing the local clock.
OpenNTPd is primarily developed by Henning Brauer and Alexander Guy as part
of the OpenBSD Project. The portable version is made by Darren Tucker.
The software and is freely useable and re-useable by everyone under a BSD
license.
method.
Changes for 1.19 and 1.18:
libnet 1.19 -- Wed Jun 30 14:53:48 BST 2004
Bug Fixes
* Fixed datasend test to work on Win32 platform
* Fixed Authen::SASL checking in SMTP.pm and POP3.pm
* Fixed bug that a restarted get with Net::FTP did not append to local file
libnet 1.18 -- Mon Mar 22 16:19:01 GMT 2004
Bug Fixes
* Fixed bug in CRLF translation in Net::Cmd datasend/dataend methods
* Fixed bug in converting numbers returned by PASV command into a
packed IP address
* Fixed bug that caused Net::FTP->get to truncate the local file after
the restart method had been called
* Fixed bug in Net::FTP-.rmdir when the server returned . and .. in
the contents of a directory
* Fixed bug in POP3 that was sending unnecessary RSETs
Enhancements
* Added support for POP3 CAPA command
* Added support for XVERP to Net::SMTP
* Added Net::POP3->banner method to return the banner received from
the server during connect
* Added Net::POP3->auth method for performing authentication using
SASL, requires Authen::SASL
* Added Host option to ->new constructor of FTP, NNTP, SMTP and POP3
which can be used instead of passing the host as the first argument
* Added ->host method to FTP, NNTP, SMTP and POP3 to return the host
string used for the connect. This is useful to determine which host
was connected to when multiple hosts are specified
* Added support for more non-standard responses to Net::FTP->size
* Updated POD for Net::SMTP wrt. not passing a Hello parameter to the
constructor. (Jeff Macdonald)
Changes from 1.15 to 1.17 not available due to Subversion lossage.
changes since 0.9.0:
- add support for ModemCapabilities
- add support for Subscriber Management Filter groups
- make SNMP VarBind encoding more "compatible" with other encoders
- cleanup argument handling, fix bug with error printing
- fix bug where SnmpMibObject OID output would switch to numeric format
after a decode_oid
- re-organized and beautified source code
changes:
2004-06-23 Michael Meeks <michael@ximian.com>
* Version 2.10.3
2004-06-22 Michael Meeks <michael@ximian.com>
* src/orb/orb-core/allocators.c (ORBit_freekids_via_TypeCode_T):
add missing pre-align for struct/except types. Complicate the
union alignment rules.
2004-05-17 Fernando Herrera <fherrera@onirica.com>
* src/idl-compiler/orbit-idl-c-backend.c: (out_for_pass):
Merge fix from HEAD for bug #142546. clobber LC_ALL because
cpp tranlates some strings in some locales during dep files
generation that makes compilation fails.
2004-05-17 Michael Meeks <michael@ximian.com>
* ORBit-2.0.pc.in: prune pkgconfig cruft.
wimon is a curses tool that shows a real-time graph of your wireless
connection status. It is based on Bill Paul's wiconfig.
It runs on NetBSD, FreeBSD and OpenBSD.
UCARP allows a pair of hosts to share common virtual IP addresses in order to
provide automatic failover. It is a portable userland implementation of the
secure and patent-free Common Address Redundancy Protocol (CARP, OpenBSD's
alternative to the VRRP).
Strong points of the CARP protocol are : very low overhead, cryptographically
signed messages, interoperability between different operating systems and no
need for any dedicated extra network link between redundant hosts.
Changes:
========
- Added MAC address printing. If Nmap receives packet from a target
machine which is on an Ethernet segment directly connected to the
scanning machine, Nmap will print out the target MAC address. Nmap
also now contains a database (derived from the official IEEE
version) which it uses to determine the vendor name of the target
ethernet interface. The Windows version of Nmap does not yet have
this capability. If any Windows developer types are interesting in
adding it, you just need to implement IPisDirectlyConnected() in
tcpip.cc and then please send me the patch. Here are examples from
normal and XML output (angle brackets replaced with [] for HTML
changelog compatability):
MAC Address: 08:00:20:8F:6B:2F (SUN Microsystems)
[address addr="00:A0:CC:63:85:4B" vendor="Lite-on Communications"
addrtype="mac" /]
- Updated the XML DTD to support the newly printed MAC addresses.
Thanks to Thorsten Holz (thorsten.holz(a)mmweg.rwth-aachen.de) for
sending this patch.
- Added a bunch of new and fixed service fingerprints for version
detection. These are from Martin Macok
(martin.macok(a)underground.cz).
- Normalized many of the OS names in nmap-os-fingerprints (fixed
capitalization, typos, etc.). Thanks to Royce Williams
(royce(a)alaska.net) and Ping Huang (pshuang(a)alum.mit.edu) for
sending patches.
- Modified the mswine32/nmap_performance.reg Windows registry file to
use an older and more compatable version. It also now includes the
value "StrictTimeWaitSeqCheck"=dword:00000001 , as suggested by Jim
Harrison (jmharr(a)microsoft.com). Without that latter value, the
TcpTimedWaitDelay value apparently isn't checked. Windows users
should apply the new registry changes by clicking on the .reg file.
Or do it manually as described in README-WIN32. This file is also
now available in the data directory at
http://www.insecure.org/nmap/data/nmap_performance.reg
- Applied patch from Gisle Vanem (giva(a)bgnett.no) which allows the
Windows version of Nmap to work with WinPCAP 3.1BETA (and probably
future releases). The Winpcap folks apparently changed the encoding
of adaptor names in this release.
- Fixed a ping scanning bug that would cause this error message: "nmap:
targets.cc:196: int hostupdate (Target **, Target *, int, int, int,
timeout_info *, timeval *, timeval *, pingtune *, tcpqueryinfo *,
pingstyle): Assertion `pt->down_this_block > 0' failed." Thanks to
Beirne Konarski (beirne(a)neo.rr.com) for reporting the problem.
- If a user attempts -PO (the letter O), print an error suggesting
that they probably mean -P0 (Zero) to disable ping scanning.
- Applied a couple patches (with minor changes) from Oliver Eikemeier
(eikemeier(a)fillmore-labs.com) which fix an edge case relating to
decoy scanning IP ranges that must be sent through different
interfaces, and improves the Nmap response to certain error codes
returned by the FreeBSD firewall system. The patches are from
http://cvsweb.freebsd.org/ports/security/nmap/files/ .
- Many people have reported this error: "checking for type of 6th
argument to recvfrom()... configure: error: Cannot find type for 6th
argument to recvfrom()". In most cases, the cause was a missing or
broken C++ compiler. That should now be detected earlier with a
clearer message.
- Fixed the FTP bounce scan to better detect filered ports on the
target network.
- Fixed some minor bugs related to the new MAC address printing
feature.
- Fixed a problem with UDP-scanning port 0, which was reported by
Sebastian Wolfgarten (sebastian(a)wolfgarten.com).
- Applied patch from Ruediger Rissmann (RRI(a)zurich.ibm.com), which
helps Nmap understand an EACCESS error, which can happen at least
during IPv6 scans from certain platforms to some firewalled targets.
- Renamed ACK ping scan option from -PT to -PA in the documentation.
Nmap has accepted both names for years and will continue to do
so.
- Removed the notice that Nmap is reading target specifications from a
file or stdin when you specify the -iL option. It was sometimes
printed to stdout even when you wanted to redirect XML or grepable
output there, because it was printed during options processing before
output files were handled. This change was suggested by Anders Thulin
(ath(a)algonet.se).
- Added --source_port as a longer, but hopefully easier to remember,
alias for -g. In other words, it tries to use the constant source
port number you specify for probes. This can help against poorly
configured firewalls that trust source port 20, 53, and the like.
- Removed undocumented (and useless) -N option.
- Fixed a version detection crash reported in excellent detail by
Jedi/Sector One (j(a)pureftpd.org).
- Applied patch from Matt Selsky (selsky(a)columbia.edu) which helps
Nmap build with OpenSSL.
- Modified the configure/build system to fix library ordering problems
that prevented Nmap from building on certain platforms. Thanks to
Greg A. Woods (woods(a)weird.com) and Saravanan
(saravanan_kovai(a)HotPop.com) for the suggestions.
- Applied a patch to Makefile.in from Scott Mansfield
(thephantom(a)mac.com) which enables the use of a DESTDIR variable
to install the whole Nmap directory structure under a different root
directory. The configure --prefix option would do the same thing in
this case, but DESTDIR is apparently a standard that package
maintainers like Scott are used to. An example usage is
"make DESTDIR=/tmp/packageroot".
- Removed unnecessary banner printing in the non-root connect() ping
scan. Thanks to Tom Rune Flo (tom(a)x86.no) for the suggestion and
a patch.
- Updated the headers at the top of each source file (mostly to
advance the copyright year to 2004 and note that Nmap is a registered
trademark).
Quentin Garnier.
Arping can be used to find out it a specific IP address on the LAN is 'taken'
and what MAC address owns it. Sure, you *could* just use 'ping' to find out if
it's taken and even if the computer blocks ping (and everything else) you still
get an entry in your ARP cache. But what if you aren't on a routable net? Or
the host blocks ping (all ICMP even)? Then you're screwed. Or you use arping.
<drue at users.sourceforge.net>.
Argus is a system and network monitoring application. It will monitor
anything you ask it to monitor (TCP + UDP applications, IP connectivity,
SNMP OIDS, Programs, Databases, etc), presents a nice clean, easy to view
web interface, it can send alerts numerous ways (such as via pager) and
can automatically escalate if someone falls asleep.
traps arrive in a steady stream, straps will exit before the client
(scotty) manages to connect, because traps are handled before new
client connections in straps. Adds a sleep(3) first, and rearranges
the order of handling of these events, so that scotty can get around
to connecting as a client before the first trap is handled by straps.
Bump pkgrevision to 3.
hlfl stands for "High Level Firewall Language". It permits writing
firewalling rules using a high level language, and transforms them into
rules for real softwares, like ipfilter, ipchains or cisco rules.
This module a simple file-based database. This database simply contains IP
blocks as keys, and countries as values. The data contains all public IP
addresses and should be more complete and accurate than reverse complete
COMPLETE and accurate than reverse DNS lookups.
This module can be used to automatically select the geographically closest
mirror, or to analyze your web server logs to determine the countries of
your visitors.
Changes since 1.3.1:
* Fixed bug where *.gz file(s) didn't get removed after geoipupdate
* Added support for NetSpeed lookup to geoiplookup
* inet_addr patch for 64 bit systems (Thomas Steudten)
* Added Support for automated downloads of GeoIP Region, City, ISP
and Organization databases (Frank Mather)
* INADDR_NONE Patch for Solaris 9 (John Young)
* Added support for Maxmind NetSpeed
- Grab maintainership of the package (with ok of previous owner)
- Use SUBST_* code
Ok'ed wiz@, snj@, salo@
From the changelog:
2004-05-06 Daniel Roelker <droelker@sourcefire.com>
* src/detection-plugins/sp_pattern_match.c:
Fixed rule read up error when parsing hexmode content options.
Thanks for pointing it out Toni Maatta. (Roelker)
* src/preprocessors/spp_stream4.c:
Fixed null pointer dereference when detect_scans were enabled and
creating a new session that had funky flags. Thanks to Chad
Kreimendahl for reporting the bug and testing the fix. (Roelker)
2004-04-20 Daniel Roelker <droelker@sourcefire.com>
* src/event_queue.c:
* src/event_queue.h:
* src/sfutil/sfeventq.c:
* src/sfutil/sfeventq.h:
Added multi-event queueing in Snort. Snort now supports logging
multiple events per packet, and prioritizing those events using
different methods. Thanks to H.D. Moore for illustrating event
obfuscations when snort only logged one event per packet. (Roelker)
* src/snort.c:
* src/decode.c:
* src/detect.c:
* src/fpcreate.c:
* src/fpdetect.c:
* src/preprocessors/spp_arpspoof.c:
* src/preprocessors/spp_bo.c:
* src/preprocessors/spp_frag2.c:
* src/preprocessors/snort_httpinspect.c:
* src/preprocessors/spp_rpc_decode.c:
* src/preprocessors/spp_stream4.c:
Updated event generators to use new event queueing sytem. (Roelker)
* src/output-plugins/spo_alert_fast.c:
Added newline to 'cmg' alert output, so IP decode is easier to
read. (Roelker)
* src/output-plugins/spo_database.c:
Updated how current/utc times are calculated, as well as how they are
formatted, thanks Marcus Janoski. (Reid)
* src/parser.c:
Error on unterminated IP lists. Added 'config event_queue' parameter.
Configuration changes to 'config checksum_mode' for specifying
which checksums to do. (Norton)
* src/plugbase.h:
Fixes from Chris Reid for timestamp routines. (Reid)
* src/tag.c:
Revert to old tag functionality. Will add proposed tagging
configurations in the future. (Roelker)
