d97aa684ca
- update DESCR Notable changes: - Integrated a ton of service fingerprints, increasing the number of signatures more than 50%. It has now exceeded 1,000 for the first time, and represents 180 unique service protocols from acap, afp, and aim to xml-rpc, zebedee, and zebra. - Implemented a huge OS fingerprint update. The number of fingerprints has increased more than 13% to 1,121. This is the first time it has exceeded 1000. Notable updates include Linux 2.6.0, Mac OS X up to 10.3.2 (Panther), OpenBSD 3.4 (normal and pf "scrub all"), FreeBSD 5.2, the latest Windows Longhorn warez, and Cisco PIX 6.3.3. As usual, there are a ton of new consumer devices from ubiquitous D-Link, Linksys, and Netgear broadband routers to a number of new IP phones including the Cisco devices commonly used by Vonage. Linksys has apparently gone special-purpose with some of their devices, such as their WGA54G "Wireless Game Adapter" and WPS54GU2 wireless print server. A cute little MP3 player called the Rio Karma was submitted multiple times and I also received and integrated fingerprints for the Handspring Treo 600 (PalmOS). - Applied some man page fixes from Eric S. Raymond (esr(a)snark.thyrsus.com). - Added version scan information to grepable output between the last two '/' delimiters (that space was previously unused). So the format is now "portnum/state/protocol/owner/servicename/rpcinfo/versioninfo" as in "53/open/tcp//domain//ISC Bind 9.2.1/" and "22/open/tcp//ssh//OpenSSH 3.5p1 (protocol 1.99)/". Thanks to MadHat (madhat(a)unspecific.com) for sending a patch (although I did it differently). Note that any '/' characters in the version (or owner) field are replaced with '|' to keep awk/cut parsing simple. The service name field has been updated so that it is the same as in normal output (except for the same sort of escaping discussed above). - Integrated an Oracle TNS service probe and match lines contributed by Frank Berger (fm.berger(a)gmx.de). New probe contributions are always appreciated! - Fixed a crash that could happen during SSL version detection due to SSL session ID cache reference counting issues. - Applied patch to nmap XML dtd (nmap.dtd) from Mario Manno (mm(a)koeln.ccc.de). This accounts for the new version scanning functionality. - Upgraded to Autoconf 2.59 (from 2.57). This should help HP-UX compilation problems reported by Petter Reinholdtsen (pere(a)hungry.com) and may have other benefits as well. - Made Ident-scan (-I) limits on the length and type of responses stricter so that rogue servers can't flood your screen with 1024 characters. The new length limit is 32. Thanks to Tom Rune Flo (tom(a)x86.no) for the suggestion and a patch. - Fingerprints for unrecognized services can now be a bit longer to avoid truncating as much useful response information. While the fingerprints can be longer now, I hope they will be less frequent because of all the newly recognized services in this version. - The nmap-service-probes "match" directive can now take a service name like "ssl/vmware-auth". The service will then be reported as vmware-auth (or whatever follows "ssl/") tunneled by SSL, yet Nmap won't actually bother initiating an SSL connection. This is useful for SSL services which can be fully recognized without the overhead of making an SSL connection. - Version scan now chops commas and whitespace from the end of vendorproductname, version, and info fields. This makes it easier to write templates incorporating lists. For example, the tcpmux service (TCP port 1) gives a list of supported services separated by CRLF. Nmap uses this new feature to print them comma separated without having an annoying trailing comma as so (linewrapped): match tcpmux m|^(sgi_[-.\w]+\r\n([-.\w]+\r\n)*)$| v/SGI IRIX tcpmux//Available services: $SUBST(1, "\r\n", ",")/
7 lines
496 B
Text
7 lines
496 B
Text
Nmap ("Network Mapper") is a free open source utility for network exploration
|
|
or security auditing. It was designed to rapidly scan large networks,
|
|
although it works fine against single hosts. Nmap uses raw IP packets in
|
|
novel ways to determine what hosts are available on the network, what services
|
|
(application name and version) they are offering, what operating system (and
|
|
OS version) they are running, what type of packet filters/firewalls are in
|
|
use, and dozens of other characteristics.
|