[LWN Logo]

Date:	Tue, 29 Dec 1998 15:46:24 -0600
From:	Chris Tobkin <tobkin@JAWS.UMN.EDU>
Subject:      Nmap 2.02 released (fwd)
To:	BUGTRAQ@NETSPACE.ORG

Forwarded message:
From nmap-hackers-return-103-tobkin=jaws.umn.edu@insecure.org  Tue Dec 29 15:41:05 1998
Mailing-List: contact nmap-hackers-help@insecure.org; run by ezmlm
Precedence: bulk
Delivered-To: mailing list nmap-hackers@insecure.org
Date: Tue, 29 Dec 1998 16:37:36 -0500 (EST)
From: Fyodor <fyodor@dhp.com>
To: nmap-hackers@insecure.org
Subject: Nmap 2.02 released
Message-ID: <Pine.LNX.4.04.9812291622090.17945-100000@shell.dhp.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII


I'm back from vacation and I finally incorporated most of the stuff people
have been sending me into nmap 2.02 which is available in the usual
location ( http://www.insecure.org/nmap/ ).

The biggest change is all the new fingerprints that have been adding.
Thanks to all of these people for sending a ton of useful prints:

 Nickolai Zeldovich <kolya@zepa.net> (lots),
Clive ROBERTS <clrobert@bru-hub.dhl.com>, Erik Parker
<netmask@303.org> (sent in a ton of them), Gustavo Molina
<gustavo@molina.com.br>, Filipe Jorge Marques de Almeida
<almeida@rnl.ist.utl.pt>, alligator 427 <alligator_427@hotmail.com>,
Thomas Walter <tw@mail.iTreff.de>, Sten Kalenda
<sten@rf.roccadefinance.nl>, Chris Tobkin <tobkin@jaws.umn.edu>
(lots), Artem Belevich <ABelevic@ctron.com> (lots),Jason J. Horton
<jason@intercom.com>, "Seva (root)" <root@null.cc.uic.edu>, Erik
Fichtner <techs@obfuscation.org>, spaceork <spaceork@dhp.com>
"Emmanuel Tychon [C]" <etychon@cisco.com>,Peter 'g00bER' Kosinar
<goober@gjh.sk> (lots), Sten Kalenda <sten@rf.roccadefinance.nl>, Dan
Stromberg <strombrg@nis.acs.uci.edu>, Jan B. Koum <jkb@best.com>,
A.j. Effin ReznoR <spork@exo.com>, anarch <anarch@exo.com> (sent
lots), Richard Reiner <rreiner@fscinternet.com> (sent tons of them),
Xenitellis S <S.Xenitellis@rhbnc.ac.uk>, Antti Pyykko
<pyksy@atlas.lukio.nivala.fi> (sent in tons of them), Uwe Storbeck
<uwe@ibr.ch>, jbresley@McLeodUSA.com, Joachim Larsson
<joachim.larsson@sigma.se>, Daniel Seagraves <daniel@ubani.umtec.com>,
Aaron Turner <aturner@pobox.com>, David G. Andersen
<danderse@cs.utah.edu> (sent lots), Nickolai Zeldovich
<kolya@zepa.net>, kevin@sartorelli.gen.nz, Dimitris Evmorfopoulos
<devmorfo@algo.com.gr>, Mike Fidler <mike@concourse.com>, eddie
<drb0b@klinikal.nwnet.co.uk> (sent a ton of them), Jordan Ritter
<jpr5@darkridge.com>, Matt Terran <meta@green.eaw.net>,  Hubert Feyrer
<feyrer@rfhs8012.fh-regensburg.de>, root <root@knightmare.cc>, Dan
Stahlke <fsdls1@aurora.alaska.edu>, Peter Keel <killer@discordia.ch>,
R Sriram <rsriram@krdl.org.sg>, sena <root@decoy.pt.eu.org> (found
some very cool ones such as QNX and Plan9), Dale Lovelace
<dale@redhat.com>, Beat Rubischon <bru@minolta.ch>

If you send in fingerprints, please check them against your machines to
make sure they work.  Please send me mail if the fingerprints I added
don't match after all.  Also, it is easier for me if you can send IP
addresses so that I can test the new fingerprints immediately.  If they
are behind a firewall or you can't send them for paranoia reasons, that is
OK too.

It is probably better to send fingerprints directly to me rather than the
list to keep everyone from getting flooded with them.  When I collect a
bunch I'll send a nmap-os-fingerprints update.

Here are some other changes in 2.02:

* Token ring problems have been fixed thanks to a patch sent in by Mike
Phillips <PHILLIM@Amtrak.com> .

* Added warning message when -g is used with -sT (which is the default)
so that people know that the source port can not be manipulated with
-sT.  Thanks to Geeman <geeman@garden.net> for finding this.

* Fixed segfault caused by bogus arguments to -p (found by Adam Shostack)

* NetBSD byte order issue should be fixed.

* Oren Tirosh <oren@hishome.net>, Meskanen <mesrik@cc.jyu.fi>, and Chris
Wilson <Chris.Wilson@fitz.cam.ac.uk> send .spec files for use in creating
RPM packages.  I merged these together into one .spec file which I am
still testing.  The next version of nmap will include RPMs (along with
.tgz).

*  Lamont's brilliant AOLer has been added to the AOL response section.

Also, Theo De Raadt wrote to let me know that -sT doesn't seem to work
when run from OpenBSD 2.4 .  Do others have this problem?  It works fine
on my OpenBSD 2.3 box.

If you don't care about the 2.02 improvements and only want the
new fingerprint file, it is available at
http://www.insecure.org/nmap/nmap-os-fingerprints .  If you did 'make
install', stick it in /usr/local/lib .  If you run nmap from the build
directory, stick it there.

Like usual, let me know if you have problems with 2.02.  I haven't tested
it on as many systems as usual since it is almost 2:00 and I really should
go to work before everyone else leaves :).

Cheers,
Fyodor

--
Fyodor                            'finger pgp@www.insecure.org | pgp -fka'
Frustrated by firewalls?          Try nmap: http://www.insecure.org/nmap/
In a free and open marketplace, it would be surprising to have such an
obviously flawed standard generate much enthusiasm outside of the criminal
community.  --Mitch Stone on Microsoft ActiveX