Slashdot Mirror

← Back to Stories (view on slashdot.org)

Nmap 4.00 Released

Posted by Zonk on from the enjoy-mapping-those-n's dept.

NoExec writes "Hot off the nmap-hackers list comes news that the Nmap Security Scanner version 4.00 has been released. Dozens of major changes since 3.50 (2 years ago) are listed in the announcement. These include a rewritten (for speed and memory efficiency) port scanning engine, ARP scanning, a brand new man page and install guide, 'l33t ASCII art, runtime interaction, massive version detection improvements, MAC address spoofing, increased Windows performance, 500 new OS detection fingerprints, completion time estimates, and much more."

13 of 43 comments (clear)

  1. Sweet! by daeley · · Score: 5, Funny

    I wonder if Trinity has had a chance to try it out. ;)

    --
    I watched C-beams glitter in the dark near the Tannhauser gate.
    1. Re:Sweet! by hobbit · · Score: 5, Funny


      Trinity is dead, you insensitve clod!

      --
      "Wise men talk because they have something to say; fools, because they have to say something" - Plato
  2. Re:No raw sockets in XP? by CerebusUS · · Score: 3, Interesting

    Here's Steve Gibson's reasons for a start.

  3. Re:No raw sockets in XP? by slavemowgli · · Score: 4, Informative

    I wonder what's the logic in disabling raw sockets...

    Oh! Can't you see? It's all done to protect you from the evil intarweb hackers!

    That being said, the lowest level you can use now is raw ethernet frames, and that's just what nmap does - in other words, the disabling of raw sockets is completely useless...

    --
    quidquid latine dictum sit altum videtur.
  4. Re:No raw sockets in XP? by jd · · Score: 3, Funny

    This is part of a conspiracy by fast food places. If you can't get raw packets, only grilled ones, you're going to be more inclined to get fries with that.

    --
    It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
  5. SecurityFocus Interview by yesnoyes · · Score: 5, Informative

    SecurityFocus just posted an excellent interview with Fyodor about the 4.00 release. Topics include speed benchmarks, version detection improvement details, the upcoming new OS detection system, and reactions to Nessus going proprietary.

  6. Gibson has no credibility by yesnoyes · · Score: 3, Informative

    Steve Gibson is a total bonehead. His latest moronic idea was debunked on /. just a few days ago.

    1. Re:Gibson has no credibility by Geoffreyerffoeg · · Score: 3, Insightful
      Saying 'but he knows nothing about cars,' is not an ad hominum attack because my abilities, knowledge and experience are directly related to my ability to make a correct argument on this subject.

      Correct.

      No but it would lend support to the statement that he's a moron

      Incorrect, non sequitur, and evidence of not understanding "ad hominem". Unless you're stating that he has that particular 10-point IQ range designated "moron", that fell out of use ages ago, calling him a moron is a personal attack. What if he's being paid off by an underling of Stallman to make as much noise as possible about Windows vulnerabilities - and since Windows is so vulnerable, he's generally right? What if he's just misguided but using useful sources? What if he jumped the shark some time back?

      If you can lend any support to the theory "Gibson is unqualified to offer opinions on Windows security," you'd have a leg. If you can simply prove "Raw sockets do not affect the attack level of the Internet," your case would be done, and you would be attacking the argument, not the person. Why risk making an unrelated ad hominem that could be a fallacy, if it's far easier, and more relevant to the Slashdot discussion at large, to prove the original statement?

      Here, to bring this on topic, refute these claims about raw sockets.
      • Raw sockets have no use in a workstation OS. If XP Home is coming without a webserver, a remote desktop, and so forth, then why does it need something as obscure as raw sockets?
      • If you need to build a specific interface that isn't, e.g., TCP/IP, then write a driver for the protocol, and either digitally sign it or let the user accept the unsigned driver.
      • If we need to allow application-level raw sockets, then only let it run as administrator. Kinda like UNIX only lets root run servers on the first 1024 ports.
      • Raw sockets are easily used by botnets to spoof their source address in a DDOS. Botnets exist.
      • The average user never needs raw sockets. (Nmap is not a tool for the average user.)

      Therefore, just like everything else they've been recently disabling in the name of security, raw sockets have ample justification not to be there.
  7. Comparison to Nessus by yesnoyes · · Score: 5, Insightful
    My favorite part of the release announcement actually relates to Nessus:

    A popular open source security scanner recently went proprietary, complaining that their community never contributes much. We are sorry to hear that, but happy to report that the Nmap community is as vibrant and productive as ever! We would like to acknowledge and thank the many people who contributed ideas and/or code to this release (since 3.50). Special thanks go out to Adam Kerrison, Adam Morgan, Adriano Monteiro Marques, Alan Bishoff [ huge list goes on and on ... ]

    So if Nessus can't get enough help, maybe that says more about how they run the project than their suggestion of an open source community of leeches who don't contribute back.

  8. Re:No signed source code? by Anonymous Coward · · Score: 5, Informative
    Would be nice if he signed the tarball with a pgp key.

    He did. See Verifying the integrity of Nmap downloads.

  9. Re:Gaaah! by menkhaura · · Score: 4, Funny

    You, boy, should be grateful for your backspace key. When I was a lad there were no such things as keys; we used our very own fingers to close the 12000V contacts. Our programs were entered in binary, and we were lucky when we did it all right the first time, for so Dad wouldn't bang our heads with a baseball bat. Furthermore, in order to get 12000V (lower tensions didn't pass through our fingers) on the patch-panel contacts, we had to bring in our own 300lb transformers. On our backs. Uphill both ways.

    --
    Stupidity is an equal opportunity striker.
    Fellow slashdotter Bill Dog
  10. Awesome! by Slashcrap · · Score: 4, Funny

    I just noticed that Nmap 4.0 has a new OS detection fingerprint. It's for the Sony AIBO.

    I don't know how we ever got by without that one! Although I suppose you'd want to know if you had one on your corporate LAN. Sony probably rootkits the little fuckers before they leave the factory.

  11. Re:No raw sockets in XP? by archeopterix · · Score: 4, Interesting
    I wonder what's the logic in disabling raw sockets...
    Stupidity + historical reasons, which I am recalling from memory:

    1. Microsoft implements raw sockets, with some efforts to restrict access to them - only Administrators can use them.
    2. On XP all users are Administrators by default.
    3. Some people point this out, the stupidest being the loudest . ("Full Raw Sockets were created as a potent research tool. They were NEVER INTENDED to be shipped in a mass-market consumer operating system." )
    4. Microsoft thinks it's a good idea.