| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Really lots of changes since last packaged version (0.83).
Unfortunately there is now changes list included with the distribution file
even if it is stated otherwise.
See http://www.switch.ch/misc/leinen/snmp/perl/changes.html.
Among remarkable things please note IPv6 support and of course many
bug fixes.
|
|
within NetBSD-current's bsd.own.mk, which conflicts with its usage in
pkgsrc. The package that use USE_PAM have been converted to use the
bsd.options.mk framework. This should fix PR pkg/29257.
|
|
- Thanks to diro (at) nixsys.bz for reporting this in PR# 25955 and testing the
patch.
|
|
Changes:
- Nmap now ships with and installs (in the same directory as other
data files such as nmap-os-fingerprints) an XSL stylesheet for
rendering the XML output as HTML. This stylesheet was written by
Benjamin Erb ( see http://www.benjamin-erb.de/nmap/ for examples).
It supports tables, version detection, color-coded port states, and
more. The XML output has been augmented to include an
xml-stylesheet directive pointing to nmap.xsl on the local
filesystem. You can point to a different XSL file by providing the
filename or URL to the new --stylesheet argument. Omit the
xml-stylesheet directive entirely by specifying --no-stylesheet.
The XML to HTML conversion can be done with an XSLT processor such
as Saxon, Sablot, or Xalan, but modern browsers can do this on the
fly -- simply load the XML output file in IE or Firefox. Some
features don't currently work with Firefox's on-the-fly rendering.
Perhaps some Mozilla wizard can fix that in either the XSL or the
browser itself. I hate having things work better in IE :). It is
often more convenient to have the stylesheet loaded from a URL
rather than the local filesystem, allowing the XML to be rendered on
any machine regardless of whether/where the XSL is installed. For
privacy reasons (avoid loading of an external URL when you view
results), Nmap uses the local filesystem by default. If you would
like the latest version of the stylesheet load from the web when
rendering, specify
--stylesheet http://www.insecure.org/nmap/data/nmap.xsl .
- Fixed fragmentation option (-f). One -f now sets sends fragments
with just 8 bytes after the IP header, while -ff sends 16 bytes to
reduce the number of fragments needed. You can specify your own
fragmentation offset (must be a multiple of 8) with the new --mtu
flag. Don't also specify -f if you use --mtu. Remember that some
systems (such as Linux with connection tracking) will defragment in
the kernel anyway -- so test first while sniffing with ethereal.
These changes are from a patch by Martin Macok
(martin.macok(a)underground.cz).
- Nmap now prints the number (and total bytes) of raw IP packets sent
and received when it completes, if verbose mode (-v) is enabled. The
report looks like:
Nmap finished: 256 IP addresses (3 hosts up) scanned in 30.632 seconds
Raw packets sent: 7727 (303KB) | Rcvd: 6944 (304KB)
- Fixed (I hope) an error which would cause the Windows version of
Nmap to abort under some circumstances with the error message
"Unexpected error in NSE_TYPE_READ callback. Error code: 10053
(Unknown error)". Problem reported by "Tony Golding"
(biz(a)tonygolding.com).
- Added new "closed|filtered" state. This is used for Idlescan, since
that scan method can't distinguish between those two states. Nmap
previously just used "closed", but this is more accurate.
- Null, FIN, Maimon, and Xmas scans now mark ports as "open|filtered"
instead of "open" when they fail to receive any response from the
target port. After all, it could just as easily be filtered as open.
This is the same change that was made to UDP scan in 3.70. Also as
with UDP scan, adding version detection (-sV) will change the state
from open|filtered to open if it confirms that they really are open.
- Fixed a bug in ACK scan that could cause Nmap to crash with the
message "Unexpected port state: 6" in some cases. Thanks to Glyn
Geoghegan (glyng(a)corsaire.com) for reporting the problem.
- Change IP protocol scan (-sO) so that a response from the target
host in any protocol at all will prove that protocol is open. As
before, no response means "open|filtered", an ICMP protocol
unreachable means "closed", and most other ICMP error messages mean
"filtered".
- Patched a Winpcap issue that prevented read timeouts from being
honored on Solaris (thus slowing down Nmap substantially). The
problem report and patch were sent in by Ben Harris
(bjh21(a)cam.ac.uk).
- Changed IP protocol scan (-sO) so that it sends valid ICMP, TCP, and
UDP headers when scanning protocols 1, 6, and 17, respectively. An
empty IP header is still sent for all other protocols. This should
prevent the error messages such as "sendto in send_ip_packet:
sendto(3, packet, 20, 0, 192.31.33.7, 16) => Operation not
permitted" that Linux (and perhaps other systems) would give when
they try to interpret the raw packet. This also makes it more
likely that these protocols will elicit a response, proving that the
protocol is "open".
- The windows build now uses header and static library files from
Winpcap 3.1Beta4. It also now prints out the DLL version you are
using when run with -d. I would recommend upgrading to 3.1Beta4 if
you have an older Winpcap installed.
- Added an NTP probe and matches to the version detection database
(nmap-service-probes) thanks to a submission from Martin
Macok (martin.macok@underground.cz).
- Applied several Nmap service detection database updates sent in by
Martin Macok (martin.macok(a)underground.cz).
|
|
* use modern automake rather than 1.4 (James Henstridge)
* Fix a couple of warnings from sparse (Kjartan Maraas)
* Fix parsing of 'const octet' (Jules Colding)
|
|
|
|
- Use libnet 1.1.x branch
- No changelog available
- Addresses PR# 29056
|
|
|
|
|
|
* bug fixes
+ Fix mem leak on exception overwrite (Michael)
+ Fix demarshalling CORBA_any containing null or void values (Michael)
+ IDL generation (esp. skelimpl) fixes (Jules Colding)
+ Ongoing Win32 port work (Tor Lillqvist)
+ Fix linking on Darwin (Hans Petter Jansson)
|
|
|
|
- Bump to nb3
- Thanks to Antoine Reilles for supplying the patch
|
|
- Bump to nb4
- Thanks to Antoine Reilles for supplying the patch
|
|
- Lots of changes and bugfixes, see distrib/ChangeLog
|
|
- Use "mountcritremote" as requirement in "adsl.sh" because packages might
reside on a NFS mount filesystem as pointed out by Luke Mewburn.
Bump package revision after these fixes.
|
|
work around the limitations of the security-patched SimpleXMLRPCServer
|
|
prototype of abs() in "stdlib.h" after de-__P-ing "stdlib.h".
|
|
|
|
target that appears later in the Makefile. Also move inclusion of
buildlink3.mk files above target definitions, as per style guidelines.
|
|
- Fix shell quoting bugs in adsl_stop() procedure.
- Fix "awk" command used to find process id of "ppp" program.
- Remove SysV semaphore which might be left behind by "modem_run".
Bump package revision because of these fixes.
|
|
Pkgsrc changes:
- make this build under IRIX.
- tor has moved to tor.eff.org
Version changes since 0.0.9.2:
- Backport the cpu use fixes from main branch, so busy servers won't
need as much processor time.
- Work better when we go offline and then come back, or when we
run Tor at boot before the network is up. We do this by
optimistically trying to fetch a new directory whenever an
application request comes in and we think we're offline -- the
human is hopefully a good measure of when the network is back.
- Backport some minimal hidserv bugfixes: keep rend circuits open as
long as you keep using them; actually publish hidserv descriptors
shortly after they change, rather than waiting 20-40 minutes.
- Enable Mac startup script by default.
- Fix duplicate dns_cancel_pending_resolve reported by Giorgos Pallas.
- When you update AllowUnverifiedNodes or FirewallPorts via the
controller's setconf feature, we were always appending, never
resetting.
- When you update HiddenServiceDir via setconf, it was screwing up
the order of reading the lines, making it fail.
- Do not rewrite a cached directory back to the cache; otherwise we
will think it is recent and not fetch a newer one on startup.
- Workaround for webservers that lie about Content-Encoding: Tor
now tries to autodetect compressed directories and compression
itself. This lets us Proxypass dir fetches through apache.
|
|
- No ChangeLog available
- Use options.mk so users can choose arping1 with libnet 1.0.x or
arping2 with libnet 1.1.x
|
|
on -current. Bump PKGREVISION.
|
|
|
|
fix command_interpreter in rc scripts.
bump PKGREVISION.
|
|
ethereal svn version is laready fixed.
From PR pkg/29065 by Greg A. Woods.
|
|
than "network".
|
|
pulled in if kerberos option not set.
|
|
|
|
|
|
configure script, so it must be explicitly disabled when not wanted.
Using both "with" and "without" explicitly is good practise for any
"--with-foo" option in general.
Bump revision so this is easier to track in case of PR's.
|
|
|
|
|
|
|
|
verision of libnet <= 1.0.1b. This will prevent the case where the user
has installed the libnet 1.1.x branch and then tries to install an application
that is not compatible with the 1.1.x tree.
Over time the list of these applications that require the 1.0.x branch
will be reduced as they are updated to later versions that support the
libnet 1.1.x branch.
This addresses PR# 29056 opened by diro (at) nixsys.bz, thanks for the PR !
|
|
|
|
2005-01-25 - Snort 2.3.0 Final Released
* Fixed issue with sfPortscan reporting incorrect IP datagram length.
Thanks Jon Hart for the test case and finding the bug, and Marc Norton
for resolving the issue.
* Threshold/Suppression now prints properly when logging to syslog.
Thanks Sekure for pointing out the problem. Thanks Steve Sturges for
working on the fix.
* Threshold memcap argument now correctly handles non-integer input.
Thanks nnposter for the patch.
* Fixed issue reported by Allan Jensen, where on MacOS X, ppp links were
not decoded properly. Thanks Dan Roelker for the fix.
* Snort manual and FAQ are updated for 2.3. Thanks Jen Harvey for your
work on putting it all together.
2004-12-15 - Snort 2.3.0 RC2 Released
* Small performance improvement to arpspoof and also fixed a problem
where the list of configured IP/MAC entries would contain only one
entry and leaked memory (Jeff Nathan).
* Fixed a problem affecting MacOS X where linking may fail with
non-standard libraries when global symbols are encountered multiple
times (Jeff Nathan).
* Ignore RST|ACK midstream pickup case so we don't get an evasive TCP
alerts. Thanks for the report, Sekure. Thanks Dan Roelker for the fix.
* Moved CheckLogDir() to after parsing snort.conf (for IDS mode) so the
logdir config will work if the default or command-line logdir does not
exist on the system. Thanks Dan Roelker.
* Fixed bug when setting the doe_ptr on a successful pcre match.
It is now set relative to base_ptr. Thanks Steve Sturges for the
fix.
* Added from_beginning and multiplier options for byte_jump.
from_beginning skips bytes from the beginning of the content,
instead of from the location immediately following the number
of bytes to skip. multiplier takes a numeric argument, and
skips x times that number of bytes. Thanks again to Steve Sturges.
* In "fast" output, now log only actual packet contents when UDP
data length is greater than actual data length. Thanks Brian
Caswell for spotting this, and Andrew Mullican for working on the fix.
* Please check the ChangeLog for further details.
2004-11-18 - Snort 2.3.0 RC1 Released
* Added IPS functionality from Snort-Inline. A big thanks to the
Snort-Inline guys (Jed Haile, Rob McMillen, William Metcalf, and Victor
Julien). Also, Thanks Dan Roelker for doing the integrating of
Snort-Inline into the official Snort project.
* Added new portscan detector. The design and implementation was headed
up by Dan Roelker, and included Marc Norton and Jeremy Hewlett.
* Numerous changes for better 64bit Snort support from Jeremy Hewlett and
Marc Norton. Additionally, an --enable-64bit-gcc option was added to
configure. However, there are still some memory alignment issues to
work out before 64bit mode is fully functional, patches are welcomed.
Thanks Chris Baker for doing 64bit testing.
* Added not_established keyword to the flow detection option. This allows
snort to do dynamic firewall rulesets. Experimental for now.
* Added an enforce_state keyword to stream4 so we won't pick up midstream
sessions. This works well for asynchronous links and also for
just monitoring legitimate traffic.
* Relocated ./contrib files to http://www.snort.org/dl/contrib as many
are not maintained by Sourcefire and are out of date. The rpm and
schema files have been relocated in their respective 'rpm' and 'schemas'
directories under the snort parent directory.
* perfmonitor config line can now be configured with "accumulate" or
"reset." Thanks Marc Norton for the feature, and Barry Basselgia for
pointing out the issue. Thanks Scott Dexter and Andreas Ostling for
doing some initial testing.
* Fixed 64-bit bug in sfmemcap.c found and tested by Ryan Matteson
and Clay McClure. Thanks guys.
* Fixed reference times to match log time for first packet, for an event
generated by a reassembled packet. Incremented event ID to give
unique ID for each packet. Also made unified logging compatible with
Windows. Thanks Andrew Mullican for the fix.
* Fixed linux perfmonitoring stats for the 2.6 kernel. Thanks to
everyone that reported this bug. Thanks Dan Roelker for the fix.
* Get thresholding/suppression to work for alerts that do not
contain an ip header (primarily decode alerts). Thanks
Brian Caswell.
* Fix conditions where snort would log double web alerts that
contained only content options (no uricontents). Thanks to kawa for
finding and reporting this bug.
* Fix suppression/thresholding bug for non-rule alerts. Thanks to
Alex Butcher for reporting it to us.
* Many other bug fixes, please check the ChangeLog for details.
|
|
|
|
http://www.snort.org/dl/contrib/
|
|
are problems with some network configuration. phone agreed to reomve it.
Add 24 to PYTHON_VERSIONS_ACCEPTED, because it works since version 0.3.9
with Python 2.4.
Approved by wiz.
Release notes:
- 0.3.9
Ever since the Python people released a new revision of their rather
intriguing programming language, I've had people bugging me to put out a
new version (especially since there were issues with running the 0.3.8
codebase under it).
I'd been waiting for a version of wxPython for Windows that would work
with the new Python to be released as well, and now that it has, well,
here you go!
This version also fixes a few other bugs; the number of upload slots is
now proper, and firewalled peers that lose all their connections will find
themselves reconnecting more quickly, and a few other problems were fixed.
I did hold back a number of fixes and improvements pending work on 0.4.0.
Otherwise I'd wind up having to update two separate branches of code,
something I'd really rather not do. (Forking your own code can suck
badly.) So the window-width problem still isn't fixed. Oh well.
- 0.3.9a
The T-0.3.9a release contains a bugfix for the tracker, and the modified
installer includes a DLL which is missing on some people's systems. If
you're already successfully running T-0.3.9 on your system, there's no
need to upgrade.
- 0.3.9b
This contains another fix to the tracker codebase. No change was made to
client functionality.
- 0.3.10
The latest update should fix the problem with the client getting stuck in
the task manager under Windows. The pause system has been rewritten, and
no longer halts the engine; it should work properly without freezing up
now on machines w/ limits on the maximum number of connections that can
be kept open. A few other bugs have been fixed, though the GUI width
problem hasn't (and may not until the GUI is rewritten). Another stupid
bug, where the download time estimate isn't blanked when the client is
paused, will be fixed in the next version.
|
|
Bump PKG_REVISION.
|
|
Bump to jwhois-3.2.2nb12.
|
|
pathnames in the tarball.
|
|
Bump PKGREVISION.
|
|
Bump package version number to 9.3.0pl1 because of this.
|
|
|
|
|
|
others OS as well. Patch wget so that it won't try to use ipv6-mapped ipv4
addresses, but uses INET4 socket sockets instead. Bump pkgrev.
Fix issues with v6-enabled wget reported on tech-pkg.
|
|
Changes include:
Fixes for print-isakmp.c CVE: CAN-2004-0183, CAN-2004-0184
http://www.rapid7.com/advisories/R7-0017.html
IP-over-IEEE1394 printing.
some MINGW32 changes.
updates for autoconf 2.5
fixes for print-aodv.c - check for too short packets
formatting changes to print-ascii for hex output.
check for too short packets: print-bgp.c, print-bootp.c, print-cdp.c,
print-chdlc.c, print-domain.c, print-icmp.c, print-icmp6.c,
print-ip.c, print-lwres.c, print-ospf.c, print-pim.c,
print-ppp.c,print-pppoe.c, print-rsvp.c, print-wb.c
print-ether.c - better handling of unknown types.
print-isoclns.c - additional decoding of types.
print-llc.c - strings for LLC names added.
print-pfloc.c - various enhancements
print-radius.c - better decoding to strings.
changed syntax of -E argument so that multiple SAs can be decrypted
fixes for Digital Unix headers and Documentation
__attribute__ fixes
CDP changes from Terry Kennedy <terry@tmk.com>.
IPv6 mobility updates from Kazushi Sugyo <sugyo@pb.jp.nec.com>
Fixes for ASN.1 decoder for 2.100.3 forms.
Added a count of packets received and processed to clarify numbers.
Incorporated WinDUMP patches for Win32 builds.
PPPoE payload length headers.
Fixes for HP C compiler builds.
Use new pcap_breakloop() and pcap_findalldevs() if we can.
BGP output split into multiple lines.
Fixes to 802.11 decoding.
Fixes to PIM decoder.
SuperH is a CPU that can't handle unaligned access. Many fixes for
unaligned access work.
Fixes to Frame-Relay decoder for Q.933/922 frames.
Clarified when Solaris can do captures as non-root.
Added tests/ subdir for examples/regression tests.
New -U flag. -flush stdout after every packet
New -A flag -print ascii only
support for decoding IS-IS inside Cisco HDLC Frames
more verbosity for tftp decoder
mDNS decoder
new BFD decoder
cross compilation patches
RFC 3561 AODV support.
UDP/TCP pseudo-checksum properly for source-route options.
sanitized all files to modified BSD license
Add support for RFC 2625 IP-over-Fibre Channel.
fixes for DECnet support.
Support RFC 2684 bridging of Ethernet, 802.5 Token Ring, and FDDI.
RFC 2684 encapsulation of BPDUs.
This is a security fix update.
|
|
- Bump to nb1
- Change to my NetBSD.org address
- Issue spotted by Gert Doering in PR# 29115 - Thanks for the PR.
|
