Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
Diet Nmap v3.95 Released
From: Fyodor (fyodorinsecure.org)
Date: Thu Dec 08 2005 - 13:43:19 CST
While Nmap has gained many cool features in the last couple of years,
its waistline has also been growing. 65K-port scans of many hosts can
take an unacceptable amount of RAM. I want Nmap to work on your
Zaurus PDA, not to require an expensive new computer. So I am pleased
to introduce Diet Nmap, otherwise known as 3.95, which substantially
reduces the memory consumption of large scans.
And that isn't all! I'm happy to report that the NmapFE GUI is back
from the (near) dead. Most modern Linux systems don't even include
the GTK1 which it relied on, but Mike Basinger and Meethune Bhowmick
ported it to GTK2 for this version. I am distributing NmapFE RPMs
again now that it actually compiles on my systems.
3.95 also includes the brand new man page and help screen. The
response to my call for translations was overwhelming! Teams of
volunteers are hard at work on 27 languages from Arabic, Azeri, and
Catalan to Spanish, Swedish, and Tagalog. This release includes the
two that have been completed so far (Brazilian Portuguese, and
Portugal Portuguese). A few more teams are apparently just days away
This version includes some fixes that make it compile with Visual C++
2005 Express, which Microsoft is distributing for free from
I'm also pleased to report that this release contains significant
version detection improvements from Doug Hoyte. There are many bug
As usual, you can find the goods at:
Enjoy, and let me know (see
http://www.insecure.org/nmap/man/man-bugs.html ) if you find any
problems. Here is the full list of changes since 3.93:
o Put Nmap on a diet, with changes to the core port scanning routine
(ultra_scan) to substantially reduce memory consumption, particularly
when tens of thousands of ports are scanned.
o Updated NmapFE to build with GTK2 rather than obsolete GTK1. Thanks
to Mike Basinger (dbasinge(a)speakeasy.net) and Meethune Bhowmick
(meethune(a)oss-institute.org) for developing the
patch. I made some changes as well to prevent compilation warnings.
The new NmapFE now seems to work, though I do get "Gtk-CRITICAL"
assertion error messages. If someone has time to look into this, that
would be appreciated.
o Wrote a new man page from scratch. It is much more comprehensive
(more than twice as long) and (IMHO) better organized than the
previous one. Read it online at http://www.insecure.org/nmap/man/
or docs/nmap.1 from the Nmap distribution. Let me know if you have
any ideas for improving it.
o Wrote a new "help screen", which you get when running Nmap without
arguments. It is also reproduced in the man page and at
http://www.insecure.org/nmap/data/nmap.usage.txt . I gave up trying
to fit it within a 25-line, 80-column terminal window. It is now 78
lines and summarizes all but the most obscure Nmap options.
o Removed foreign translations of the old man page from the
distribution. Included the following contributed translations
(nroff format) of the new man page:
Brazilian Portuguese by Lucien Raven (lucienraven(a)yahoo.com.br)
Portuguese (Portugal) by José Domingos (jd_pt(a)yahoo.com) and
Andreia Gaita (shana.ufie(a)gmail.com).
o Fixed a crash in IPID Idle scan. Thanks to Ron
(iago(a)valhallalegends.com>, Bakeman (bakeman(a)physics.unr.edu),
and others for reporting the problem.
o Applied some small fixes so that Nmap compiles with Visual C++
2005 Express, which is free from Microsoft at
http://msdn.microsoft.com/vstudio/express/visualc/ . Thanks to KX
(kxmail(a)gmail.com) and Sina Bahram (sbahram(a)nc.rr.com)
o Version detection softmatches (when Nmap determines the service
protocol such as smtp but isn't able to determine the app name such as
Postfix) can now parse out the normal match line fields such as
hostname, device type, and extra info. For example, we may not know
what vendor created an sshd, but we can still parse out the protocol
number. This was a patch from Doug Hoyte (doug(a)hcsw.org).
o Fixed a problem which caused UDP version scanning to fail to print
the matched service. Thanks to Martin Macok
(martin.macok(a)underground.cz) for reporting the problem and Doug
Hoyte (doug(a)hcsw.org) for fixing it.
o Made the version detection "ports" directive (in
nmap-service-probes) more comprehensive. This should speed up scans a
bit. The patch was done by Doug Hoyte (doug(a)hcsw.org).
o Integrated all of the September version detection fingerprint
submissions. This was done by Version Detection Czar Doug Hoyte
(doug(a)hcsw.org) and resulted in 86 new match lines. Please keep
those submissions coming!
o Fixed a bunch of typos and misspellings throughout the Nmap source
code (mostly in comments). This was a 625-line patch by Saint Xavier
o Added the --webxml option, which does the same thing as
--stylesheet http://www.insecure.org/nmap/data/nmap.xsl , without
requiring you to remember the exact URL or type that whole thing.
o Fixed a possible aliasing problem in tcpip.cc by applying a patch sent in by
Gwenole Beauchesne (gbeauchesne(a)mandriva.com). This problem
shouldn't have had any effect on users since we already include the
-fno-strict-aliasing option whenever gcc 4 is detected, but it
brings us closer to being able to remove that option.
o Fixed a problem with the -S and -e options (spoof/set
source address, and set interface by name, respectively). The problem
report and a partial patch were sent by Richard Birkett
o Fixed a problem with the -S and option on Windows reporting "Failed
to resolve/decode supposed IPv4 source address". The -D (decoy)
option was probably broken on that platform too. Thanks to KX
(kxmail(a)gmail.com) for reporting the problem and tracking down a
o Added --thc option (undocumented)
o Modified libdnet-stripped/src/eth-bsd.c to allow for up to 128 bpf
devices rather than 32. This prevents errors like "Failed to open
ethernet interface (fxp0)" when there are more than 32 interface
aliases. Thanks to Krok (krok(a)void.ru) for reporting the problem
and even sending a patch.
o Fixed a minor syntax error in tcpip.h that was causing problems with
GCC 4.1. Thanks to Dirk Mueller (dmuell(a)gmx.net) for reporting
the problem and sending a fix.
o Define INET_ADDRSTRLEN in tcpip.h if the system doesn't define it
for us. This apparently aids compilation on Solaris 2.6 and 7.
Thanks to Albert Chin (nmap-hackers(a)mlists.thewrittenword.com) for
sending the patch..
o Fixed an inefficiency in RPC scan that could slow things down and
also sometimes resulted in the spurious warning message: "Unable to
find listening socket in get_rpc_results"
o Fixed a compilation problem on Mac OS X and perhaps other platforms
with a one-line fix to scan_engine.cc. Thanks to Felix Gröbert
(felix(a)groebert.org) for notifying me of the problem.
o Nmap now accepts target list files in Windows end-of-line format (\r\n)
as well as standard UNIX format (\n) on all platforms. Passing a
Windows style file to Nmap on UNIX didn't work before unless you ran
o Fixed a problem that prevented the command "nmap -sT -PT <targets>"
from working from a non-privileged user account. The -PT option
doesn't change default behavior in this case, but Nmap should (and now
does) allow it.
o Better handle ICMP type 3, code 0 (network unreachable) responses to
port scan packets. These are rarely seen when scanning hosts that
are actually online, but are still worth handling.
o Fixed a crash occured when the --exclude option was used with
netmasks on certain platforms. Thanks to Adam
(nmapuser(a)globalmegahost.com) for reporting the problem and to
Greg Darke (starstuff(a)optusnet.com.au) for sending a patch (I
modified the patch a bit to make it more efficient).
o Removed Identd scan support from NmapFE since Nmap no longer
supports it. Thanks to Jonathan Dieter (jdieter99(a)gmx.net) for the
o Fixed a bug that caused Nmap to crash if an nmap-service-probes file
was used which didn't contain the Exclude directive.
o Fixed a divide-by-zero crash when you specify rather bogus
command-line arguments (a TCP scan with zero tcp ports). Thanks to
Bart Dopheide (dopheide(a)fmf.nl) for identifying the problem and
sending a patch.
Sent through the nmap-hackers mailing list