Slashdot Mirror


Nmap 4.00 Released

NoExec writes "Hot off the nmap-hackers list comes news that the Nmap Security Scanner version 4.00 has been released. Dozens of major changes since 3.50 (2 years ago) are listed in the announcement. These include a rewritten (for speed and memory efficiency) port scanning engine, ARP scanning, a brand new man page and install guide, 'l33t ASCII art, runtime interaction, massive version detection improvements, MAC address spoofing, increased Windows performance, 500 new OS detection fingerprints, completion time estimates, and much more."

43 comments

  1. It's not fair! by menkhaura · · Score: 1

    It's not fair to Fyodor! You slashdotted him, you insensitive clods!

    --
    Stupidity is an equal opportunity striker.
    Fellow slashdotter Bill Dog
    1. Re:It's not fair! by Anonymous Coward · · Score: 0

      He needs the fingerprint data, you insensitive clod!

  2. Sweet! by daeley · · Score: 5, Funny

    I wonder if Trinity has had a chance to try it out. ;)

    --
    I watched C-beams glitter in the dark near the Tannhauser gate.
    1. Re:Sweet! by hobbit · · Score: 5, Funny


      Trinity is dead, you insensitive clod!

      --
      "Wise men talk because they have something to say; fools, because they have to say something" - Plato
    2. Re:Sweet! by Anonymous Coward · · Score: 0

      No no she's not dead, she's...she's restin'! Remarkable bird, Trinity, idn'she, ay? Beautiful plumage!

  3. gtk2 front end by Anonymous Coward · · Score: 1, Informative

    Glad they finally ditched gtk1

  4. No raw sockets in XP? by BerkeleyDude · · Score: 2, Insightful

    "This is particularly useful for Windows, since Microsoft has disabled raw socket support in XP."

    Does it mean that the lowest level you can use is TCP or UDP? How did nmap work in Windows before? (Did it?)

    I wonder what's the logic in disabling raw sockets...

    1. Re:No raw sockets in XP? by CerebusUS · · Score: 3, Interesting
    2. Re:No raw sockets in XP? by slavemowgli · · Score: 4, Informative

      I wonder what's the logic in disabling raw sockets...

      Oh! Can't you see? It's all done to protect you from the evil intarweb hackers!

      That being said, the lowest level you can use now is raw ethernet frames, and that's just what nmap does - in other words, the disabling of raw sockets is completely useless...

      --
      quidquid latine dictum sit altum videtur.
    3. Re:No raw sockets in XP? by jd · · Score: 3, Funny

      This is part of a conspiracy by fast food places. If you can't get raw packets, only grilled ones, you're going to be more inclined to get fries with that.

      --
      It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
    4. Re:No raw sockets in XP? by shadesofgray · · Score: 2, Informative

      It uses WinPcap to send raw ethernet frames (assuming ethernet network)

    5. Re:No raw sockets in XP? by Anonymous Coward · · Score: 1, Informative
    6. Re:No raw sockets in XP? by Anonymous Coward · · Score: 0

      You can still use raw sockets as far as I'm aware, but you have to disable the firewall and the service Windows Firewall/Internet connection sharing apparently.

    7. Re:No raw sockets in XP? by user24 · · Score: 1, Informative
      How did nmap work in Windows before? (Did it?)
      Under XP SP2, it didn't, even with firewall disabled.*
      with nmap4 it does.

      (* in reply to later comment about disabling windows firewall)
    8. Re:No raw sockets in XP? by archeopterix · · Score: 4, Interesting
      I wonder what's the logic in disabling raw sockets...
      Stupidity + historical reasons, which I am recalling from memory:

      1. Microsoft implements raw sockets, with some efforts to restrict access to them - only Administrators can use them.
      2. On XP all users are Administrators by default.
      3. Some people point this out, the stupidest being the loudest. ("Full Raw Sockets were created as a potent research tool. They were NEVER INTENDED to be shipped in a mass-market consumer operating system.")
      4. Microsoft thinks it's a good idea.

  5. Cool by Anonymous+Crowhead · · Score: 1

    I was just thinking the other day that nmap really lacks l33t ascii art. Looking forward to those speed enhancements though.

  6. Gaaah! by jd · · Score: 2, Funny

    It's spelled 1337! Gah, typists these days. In my day, typists had only one key! And that was backspace! AND they were grateful for it.

    --
    It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
    1. Re:Gaaah! by menkhaura · · Score: 4, Funny

      You, boy, should be grateful for your backspace key. When I was a lad there were no such things as keys; we used our very own fingers to close the 12000V contacts. Our programs were entered in binary, and we were lucky when we did it all right the first time, for so Dad wouldn't bang our heads with a baseball bat. Furthermore, in order to get 12000V (lower tensions didn't pass through our fingers) on the patch-panel contacts, we had to bring in our own 300lb transformers. On our backs. Uphill both ways.

      --
      Stupidity is an equal opportunity striker.
      Fellow slashdotter Bill Dog
    2. Re:Gaaah! by karnal · · Score: 1

      Oh yea? At least you had it that good. Where I had to walk, there was snow! Don't get me started about not having clothes, either, or shoes......

      --
      Karnal
    3. Re:Gaaah! by NuclearDog · · Score: 2, Funny

      Yeah, well when I was your age, I had to get up in the morning at ten o'clock at night, half an hour before I went to bed, eat a lump of cold poison, work twenty-nine hours a day down mill, and pay mill owner for permission to come to work, and when I got home, my Dad would kill me, and dance about on my grave singing "Hallelujah."

      --
      This statement is forty-five characters long.
  7. Re:Fyodor Still Hacking Slashdotters? by Anonymous Coward · · Score: 0
    Google it if you want to know more.

    I did. All "evidence" of the alleged hack has been removed from multiple servers. This must mean either a) Fyodor has hacked into multiple servers and erased all incriminating evidence, or b) the allegations were false and the tainted evidence was removed.

    I'm going with option b).

  8. Hoooooray! by LowneWulf · · Score: 1

    Nmap is my favourite video game ever.

    It's a shame my ISP explicitly bans all portscanning in the TOS. Oh yeah, and looking at naughty pictures too, so you can imagine how seriously I take the TOS.

    1. Re:Hoooooray! by DrSkwid · · Score: 2, Interesting

      Can you post a link to the TOS, I'm interested as to how they word that idiotic clause.

      "All portscanning", even, say, the range 80-80?

      --
      There are places where the networks are not touching,and there are places where they are-Boeing's Lori Gunter
    2. Re:Hoooooray! by Wikipedia · · Score: 0

      If you do a -T0 or -T1, how will they ever know? Especially if you're just scanning one IP or random IPs? I wish we could scan ports in a random order, though.

      --
      P2P Anonymous Distributed Web Search: http://www.yacy.net/
  9. SecurityFocus Interview by yesnoyes · · Score: 5, Informative

    SecurityFocus just posted an excellent interview with Fyodor about the 4.00 release. Topics include speed benchmarks, version detection improvement details, the upcoming new OS detection system, and reactions to Nessus going proprietary.

  10. Gibson has no credibility by yesnoyes · · Score: 3, Informative

    Steve Gibson is a total bonehead. His latest moronic idea was debunked on /. just a few days ago.

    1. Re:Gibson has no credibility by Geoffreyerffoeg · · Score: 1

      Ad hominem. Just because one idea was debunked doesn't necessarily mean that all of Gibson's theories are dead wrong.

    2. Re:Gibson has no credibility by 0racle · · Score: 2, Insightful

      No, but it would lend support to the statement that he's a moron and should make you take other things that he has said on similar subjects with a grain of salt.

      Calling into question one's expertise and intelligence regarding a subject when talking about their positions on similar subjects is not strictly an ad hominem attack because their abilities are at the core of their ability to even create their argument. For instance, I know nothing about cars beyond how to drive one. One day I start spouting out something about them. Saying 'but he knows nothing about cars,' is not an ad hominem attack because my abilities, knowledge and experience are directly related to my ability to make a correct argument on this subject.

      Ad Hominem is Slashdot's phrase du jour.

      --
      "I use a Mac because I'm just better than you are."
    3. Re:Gibson has no credibility by Geoffreyerffoeg · · Score: 3, Insightful
      Saying 'but he knows nothing about cars,' is not an ad hominem attack because my abilities, knowledge and experience are directly related to my ability to make a correct argument on this subject.

      Correct.

      No, but it would lend support to the statement that he's a moron

      Incorrect, non sequitur, and evidence of not understanding "ad hominem". Unless you're stating that he has that particular 10-point IQ range designated "moron", that fell out of use ages ago, calling him a moron is a personal attack. What if he's being paid off by an underling of Stallman to make as much noise as possible about Windows vulnerabilities - and since Windows is so vulnerable, he's generally right? What if he's just misguided but using useful sources? What if he jumped the shark some time back?

      If you can lend any support to the theory "Gibson is unqualified to offer opinions on Windows security," you'd have a leg. If you can simply prove "Raw sockets do not affect the attack level of the Internet," your case would be done, and you would be attacking the argument, not the person. Why risk making an unrelated ad hominem that could be a fallacy, if it's far easier, and more relevant to the Slashdot discussion at large, to prove the original statement?

      Here, to bring this on topic, refute these claims about raw sockets.
      • Raw sockets have no use in a workstation OS. If XP Home is coming without a webserver, a remote desktop, and so forth, then why does it need something as obscure as raw sockets?
      • If you need to build a specific interface that isn't, e.g., TCP/IP, then write a driver for the protocol, and either digitally sign it or let the user accept the unsigned driver.
      • If we need to allow application-level raw sockets, then only let it run as administrator. Kinda like UNIX only lets root run servers on the first 1024 ports.
      • Raw sockets are easily used by botnets to spoof their source address in a DDOS. Botnets exist.
      • The average user never needs raw sockets. (Nmap is not a tool for the average user.)

      Therefore, just like everything else they've been recently disabling in the name of security, raw sockets have ample justification not to be there.
    4. Re:Gibson has no credibility by suitepotato · · Score: 1

      Your arguments are simply undone by the rule that security through obscurity is not security at all. It hasn't worked for Microsoft and it won't work this way either.

      Your rationale is that the average user has no need and is in actuality a compromised machine owner waiting to happen for a botnet. Hence the old "the users are too stupid, so let's remove the ticking timebomb before they set it off" argument.

      This reduces the OS more and more towards being nothing more than a toy and shackles anyone and everyone using it to that dumbed down standard.

      It also astonishingly assumes that the users who were earlier assumed too dumb to stop themselves from being botnet carriers are smart enough to not install those digitally signed (or unsigned) drivers without concrete need later on.

      All the nefarious Windows malware people then need do is package up all their stuff, drivers and all, and put a cutesy Flash game on top as the ostensible selling point, give it away for free with automated point-click-infect directions. If you tell people to ignore the unsigned driver warning, they WILL ignore it to get software installed that they want.

      Disabling raw sockets does nothing but dumb down the OS pointlessly, hobble knowledgeable users needlessly, and turn it into a tchotchke application. ALSO, it gives Microsoft an opening to continue disenfranchising the common users from the path from n00b to power user by creating a cutesy neutered Paris Hilton froo-froo lap dog OS for the idiot masses and a massively more expensive product for everyone that might have more than two brain cells.

      This doesn't strike me as a good thing. Instead, Microsoft should be more rigorous in their bughunting and errorchecking before code release, put more gateway steps in the way of getting seriously risky things done, and strongly discourage the users from doing things that are risky without consideration of the ramifications, and try to tie all these risky things together under the watch of a nagging but informative security watch mechanism that keeps tabs on this.

      Instead, people are under the impression that AOL is suddenly a paragon of virtue in providing a "safety and security center". If there was such a thing, it should be part and parcel of the OS. Not left to a third party, not left to chance.

      --
      If my grammar and spelling are off, I am [distracted/tired/careless] (take your pick)
    5. Re:Gibson has no credibility by Geoffreyerffoeg · · Score: 2, Insightful

      creating a cutesy neutered Paris Hilton froo-froo lap dog OS

      I won't even begin to list the fallacies in that, but since we're back on topic...isn't that what Windows (or at least Windows XP Home) is? If you want to do cool things with it, get XP Pro. If you want to do really cool things, get Windows Server 2003. If you want to do extremely cool things and avoid the Windows paradigm, get Linux.

      Paris Hilton needs an OS, and Microsoft has written it. Anyone who needs raw sockets on a regular basis should not also plan to use XP Home on a regular basis. Use the right tool for the job.

  11. Comparison to Nessus by yesnoyes · · Score: 5, Insightful
    My favorite part of the release announcement actually relates to Nessus:

    A popular open source security scanner recently went proprietary, complaining that their community never contributes much. We are sorry to hear that, but happy to report that the Nmap community is as vibrant and productive as ever! We would like to acknowledge and thank the many people who contributed ideas and/or code to this release (since 3.50). Special thanks go out to Adam Kerrison, Adam Morgan, Adriano Monteiro Marques, Alan Bishoff [ huge list goes on and on ... ]

    So if Nessus can't get enough help, maybe that says more about how they run the project than their suggestion of an open source community of leeches who don't contribute back.

    1. Re:Comparison to Nessus by EtherMonkey · · Score: 1

      I would LOVE to support Nessus. But all they want is Money. I was even willing to buy commercial licenses for Nessus, but at US$10,000+ per year they are out of their fucking mind.

      In fact, that is exactly what I told the Tenable sales rep, after I picked myself up off the floor. She was not amused.

      --
      --- A man with a briefcase can steal more money, than any man with a gun. [Don Henley]
  12. No signed source code? by Anonymous Coward · · Score: 0

    Would be nice if he signed the tarball with a pgp key.

    1. Re:No signed source code? by Anonymous Coward · · Score: 5, Informative
      Would be nice if he signed the tarball with a pgp key.

      He did. See Verifying the integrity of Nmap downloads.

    2. Re:No signed source code? by Anonymous Coward · · Score: 0

      Whoops! Didn't see it. Thanks.

  13. Windows Installer by Anonymous Coward · · Score: 1, Informative

    I just tried the Windows Installer (XP, SP1) and it works like a charm with WinPCap 3.1. Everything seems to work ok, although I've only run a couple of simple scans with it, just a smoke test really.

  14. Awesome! by Slashcrap · · Score: 4, Funny

    I just noticed that Nmap 4.0 has a new OS detection fingerprint. It's for the Sony AIBO.

    I don't know how we ever got by without that one! Although I suppose you'd want to know if you had one on your corporate LAN. Sony probably rootkits the little fuckers before they leave the factory.

    1. Re:Awesome! by user24 · · Score: 1

      also the xbox and dreamcast.
      some interesting stuff lurking in those nmap-xxxx files.

  15. NMAP 4.00 for Ubuntu Breezy by NetGeek · · Score: 0

    I have made .deb files for NMAP 4.00 for Ubuntu 5.10 (Breezy). More info at http://www.mikesplanet.net/?p=19

  16. Last post! by Wikipedia · · Score: 0

    Last post!

    --
    P2P Anonymous Distributed Web Search: http://www.yacy.net/