diff options
author | salo <salo@pkgsrc.org> | 2004-01-22 11:20:04 +0000 |
---|---|---|
committer | salo <salo@pkgsrc.org> | 2004-01-22 11:20:04 +0000 |
commit | ff335aca1a355ec61106c59bad239cd4ba10c800 (patch) | |
tree | 96dc6be81e503c3de6fea74e07ee7b4900a3cc93 /net/nmap | |
parent | 22ae530559c6d719c1f8f23bbc3729a111544b16 (diff) | |
download | pkgsrc-ff335aca1a355ec61106c59bad239cd4ba10c800.tar.gz |
Updated to version 3.50.
- update DESCR
Notable changes:
- Integrated a ton of service fingerprints, increasing the number of
signatures more than 50%. It has now exceeded 1,000 for the first
time, and represents 180 unique service protocols from acap, afp,
and aim to xml-rpc, zebedee, and zebra.
- Implemented a huge OS fingerprint update. The number of
fingerprints has increased more than 13% to 1,121. This is the first
time it has exceeded 1000. Notable updates include Linux 2.6.0, Mac
OS X up to 10.3.2 (Panther), OpenBSD 3.4 (normal and pf "scrub all"),
FreeBSD 5.2, the latest Windows Longhorn warez, and Cisco PIX 6.3.3.
As usual, there are a ton of new consumer devices from ubiquitous
D-Link, Linksys, and Netgear broadband routers to a number of new IP
phones including the Cisco devices commonly used by Vonage. Linksys
has apparently gone special-purpose with some of their devices, such
as their WGA54G "Wireless Game Adapter" and WPS54GU2 wireless print
server. A cute little MP3 player called the Rio Karma was submitted
multiple times and I also received and integrated fingerprints for the
Handspring Treo 600 (PalmOS).
- Applied some man page fixes from Eric S. Raymond
(esr(a)snark.thyrsus.com).
- Added version scan information to grepable output between the last
two '/' delimiters (that space was previously unused). So the format
is now "portnum/state/protocol/owner/servicename/rpcinfo/versioninfo"
as in "53/open/tcp//domain//ISC Bind 9.2.1/" and
"22/open/tcp//ssh//OpenSSH 3.5p1 (protocol 1.99)/". Thanks to
MadHat (madhat(a)unspecific.com) for sending a patch (although I did
it differently). Note that any '/' characters in the
version (or owner) field are replaced with '|' to keep awk/cut
parsing simple. The service name field has been updated so that it
is the same as in normal output (except for the same sort of
escaping discussed above).
- Integrated an Oracle TNS service probe and match lines contributed
by Frank Berger (fm.berger(a)gmx.de). New probe contributions are
always appreciated!
- Fixed a crash that could happen during SSL version detection due to
SSL session ID cache reference counting issues.
- Applied patch to nmap XML dtd (nmap.dtd) from Mario Manno
(mm(a)koeln.ccc.de). This accounts for the new version scanning
functionality.
- Upgraded to Autoconf 2.59 (from 2.57). This should help HP-UX
compilation problems reported by Petter Reinholdtsen
(pere(a)hungry.com) and may have other benefits as well.
- Made Ident-scan (-I) limits on the length and type of responses
stricter so that rogue servers can't flood your screen with 1024
characters. The new length limit is 32. Thanks to Tom Rune Flo
(tom(a)x86.no) for the suggestion and a patch.
- Fingerprints for unrecognized services can now be a bit longer to
avoid truncating as much useful response information. While the
fingerprints can be longer now, I hope they will be less frequent
because of all the newly recognized services in this version.
- The nmap-service-probes "match" directive can now take a service
name like "ssl/vmware-auth". The service will then be reported as
vmware-auth (or whatever follows "ssl/") tunneled by SSL, yet Nmap
won't actually bother initiating an SSL connection. This is useful
for SSL services which can be fully recognized without the overhead
of making an SSL connection.
- Version scan now chops commas and whitespace from the end of
vendorproductname, version, and info fields. This makes it easier to
write templates incorporating lists. For example, the tcpmux service
(TCP port 1) gives a list of supported services separated by CRLF.
Nmap uses this new feature to print them comma separated without
having an annoying trailing comma as so (linewrapped):
match tcpmux m|^(sgi_[-.\w]+\r\n([-.\w]+\r\n)*)$|
v/SGI IRIX tcpmux//Available services: $SUBST(1, "\r\n", ",")/
Diffstat (limited to 'net/nmap')
-rw-r--r-- | net/nmap/DESCR | 13 | ||||
-rw-r--r-- | net/nmap/Makefile | 5 | ||||
-rw-r--r-- | net/nmap/distinfo | 8 | ||||
-rw-r--r-- | net/nmap/patches/patch-ad | 14 |
4 files changed, 20 insertions, 20 deletions
diff --git a/net/nmap/DESCR b/net/nmap/DESCR index 99da40fc123..bd19cfc16ad 100644 --- a/net/nmap/DESCR +++ b/net/nmap/DESCR @@ -1,6 +1,7 @@ -Nmap is a utility for port scanning large networks, although it works fine -for single hosts. It supports many different scanning techniques and has -a number of performance and reliability features such as dynamic delay time -calculations, packet timeout and retransmission, parallel port scanning, -detection of down hosts via parallel pings, and flexible target and port -specification. +Nmap ("Network Mapper") is a free open source utility for network exploration +or security auditing. It was designed to rapidly scan large networks, +although it works fine against single hosts. Nmap uses raw IP packets in +novel ways to determine what hosts are available on the network, what services +(application name and version) they are offering, what operating system (and +OS version) they are running, what type of packet filters/firewalls are in +use, and dozens of other characteristics. diff --git a/net/nmap/Makefile b/net/nmap/Makefile index 6858df19859..180aa8851e7 100644 --- a/net/nmap/Makefile +++ b/net/nmap/Makefile @@ -1,8 +1,7 @@ -# $NetBSD: Makefile,v 1.30 2003/11/12 03:39:41 jschauma Exp $ +# $NetBSD: Makefile,v 1.31 2004/01/22 11:20:04 salo Exp $ # -DISTNAME= nmap-3.48 -PKGREVISION= 1 +DISTNAME= nmap-3.50 CATEGORIES= net security MASTER_SITES= http://www.insecure.org/nmap/dist/ EXTRACT_SUFX= .tar.bz2 diff --git a/net/nmap/distinfo b/net/nmap/distinfo index 676cd832be1..8d0cdf32f77 100644 --- a/net/nmap/distinfo +++ b/net/nmap/distinfo @@ -1,9 +1,9 @@ -$NetBSD: distinfo,v 1.15 2003/10/13 15:02:15 salo Exp $ +$NetBSD: distinfo,v 1.16 2004/01/22 11:20:04 salo Exp $ -SHA1 (nmap-3.48.tar.bz2) = 91ed393f9fbe4a0739de282b0aca003b856b93df -Size (nmap-3.48.tar.bz2) = 1227663 bytes +SHA1 (nmap-3.50.tar.bz2) = a8b2aed3375f8aad73cf8880c915590153d5e830 +Size (nmap-3.50.tar.bz2) = 1255501 bytes SHA1 (patch-aa) = 0ab8ca4b1123ab22720eb594973eb7e9ca07903b SHA1 (patch-ab) = 31cee0df5dd8d071f421fc8b9d467b34a6275472 -SHA1 (patch-ad) = 9d9dc207ddd55e38d3ae95e41440c6f0c2bb2474 +SHA1 (patch-ad) = cf858f405358db39fd28f04055e96746b3411261 SHA1 (patch-ae) = 703872b2f822e48080b6158774d0adf75e652bff SHA1 (patch-af) = 21b03fc6658267c6c40d65f634f4fe20d06a2d77 diff --git a/net/nmap/patches/patch-ad b/net/nmap/patches/patch-ad index 687b637728c..107959f97f5 100644 --- a/net/nmap/patches/patch-ad +++ b/net/nmap/patches/patch-ad @@ -1,8 +1,8 @@ -$NetBSD: patch-ad,v 1.7 2003/10/13 15:02:15 salo Exp $ +$NetBSD: patch-ad,v 1.8 2004/01/22 11:20:04 salo Exp $ ---- nbase/configure.orig 2003-10-03 10:33:24.000000000 +0200 -+++ nbase/configure 2003-10-06 12:52:20.000000000 +0200 -@@ -10,6 +10,8 @@ +--- nbase/configure.orig 2004-01-12 04:23:12.000000000 +0100 ++++ nbase/configure 2004-01-22 10:19:15.000000000 +0100 +@@ -9,6 +9,8 @@ ## M4sh Initialization. ## ## --------------------- ## @@ -11,16 +11,16 @@ $NetBSD: patch-ad,v 1.7 2003/10/13 15:02:15 salo Exp $ # Be Bourne compatible if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then emulate sh -@@ -6423,7 +6425,7 @@ +@@ -7068,7 +7070,7 @@ echo $ECHO_N "(cached) $ECHO_C" >&6 else ac_check_lib_save_LIBS=$LIBS -LIBS="-lssl $LIBS" +LIBS="-lssl -lcrypto $LIBS" cat >conftest.$ac_ext <<_ACEOF - #line $LINENO "configure" /* confdefs.h. */ -@@ -6476,7 +6478,7 @@ + _ACEOF +@@ -7131,7 +7133,7 @@ #define HAVE_LIBSSL 1 _ACEOF |