pkgsrc-changes: CVS commit: pkgsrc/net

Subject: CVS commit: pkgsrc/net
To: None <pkgsrc-changes@NetBSD.org>
From: Lubomir Sedlacik <salo@netbsd.org>
List: pkgsrc-changes
Date: 07/07/2004 20:54:35
Module Name:	pkgsrc
Committed By:	salo
Date:		Wed Jul  7 20:54:35 UTC 2004

Modified Files:
	pkgsrc/net/nmap: Makefile PLIST distinfo
	pkgsrc/net/nmapfe: Makefile

Log Message:
Updated to version 3.55.

Changes:
========
- Added MAC address printing.  If Nmap receives packet from a target
  machine which is on an Ethernet segment directly connected to the
  scanning machine, Nmap will print out the target MAC address.  Nmap
  also now contains a database (derived from the official IEEE
  version) which it uses to determine the vendor name of the target
  ethernet interface.  The Windows version of Nmap does not yet have
  this capability.  If any Windows developer types are interesting in
  adding it, you just need to implement IPisDirectlyConnected() in
  tcpip.cc and then please send me the patch.  Here are examples from
  normal and XML output (angle brackets replaced with [] for HTML
  changelog compatability):
  MAC Address: 08:00:20:8F:6B:2F (SUN Microsystems)
  [address addr="00:A0:CC:63:85:4B" vendor="Lite-on Communications"
   addrtype="mac" /]

- Updated the XML DTD to support the newly printed MAC addresses.
  Thanks to Thorsten Holz (thorsten.holz(a)mmweg.rwth-aachen.de) for
  sending this patch.

- Added a bunch of new and fixed service fingerprints for version
  detection.  These are from Martin Macok
  (martin.macok(a)underground.cz).

- Normalized many of the OS names in nmap-os-fingerprints (fixed
  capitalization, typos, etc.).  Thanks to Royce Williams
  (royce(a)alaska.net) and Ping Huang (pshuang(a)alum.mit.edu) for
  sending patches.

- Modified the mswine32/nmap_performance.reg Windows registry file to
  use an older and more compatable version.  It also now includes the
  value "StrictTimeWaitSeqCheck"=dword:00000001 , as suggested by Jim
  Harrison (jmharr(a)microsoft.com).  Without that latter value, the
  TcpTimedWaitDelay value apparently isn't checked.  Windows users
  should apply the new registry changes by clicking on the .reg file.
  Or do it manually as described in README-WIN32.  This file is also
  now available in the data directory at
  http://www.insecure.org/nmap/data/nmap_performance.reg

- Applied patch from Gisle Vanem (giva(a)bgnett.no) which allows the
  Windows version of Nmap to work with WinPCAP 3.1BETA (and probably
  future releases).  The Winpcap folks apparently changed the encoding
  of adaptor names in this release.

- Fixed a ping scanning bug that would cause this error message: "nmap:
  targets.cc:196: int hostupdate (Target **, Target *, int, int, int,
  timeout_info *, timeval *, timeval *, pingtune *, tcpqueryinfo *,
  pingstyle): Assertion `pt->down_this_block > 0' failed."  Thanks to
  Beirne Konarski (beirne(a)neo.rr.com) for reporting the problem.

- If a user attempts -PO (the letter O), print an error suggesting
  that they probably mean -P0 (Zero) to disable ping scanning.

- Applied a couple patches (with minor changes) from Oliver Eikemeier
  (eikemeier(a)fillmore-labs.com) which fix an edge case relating to
  decoy scanning IP ranges that must be sent through different
  interfaces, and improves the Nmap response to certain error codes
  returned by the FreeBSD firewall system.  The patches are from
  http://cvsweb.freebsd.org/ports/security/nmap/files/ .

- Many people have reported this error: "checking for type of 6th
  argument to recvfrom()... configure: error: Cannot find type for 6th
  argument to recvfrom()".  In most cases, the cause was a missing or
  broken C++ compiler.  That should now be detected earlier with a
  clearer message.

- Fixed the FTP bounce scan to better detect filered ports on the
  target network.

- Fixed some minor bugs related to the new MAC address printing
  feature.

- Fixed a problem with UDP-scanning port 0, which was reported by
  Sebastian Wolfgarten (sebastian(a)wolfgarten.com).

- Applied patch from Ruediger Rissmann (RRI(a)zurich.ibm.com), which
  helps Nmap understand an EACCESS error, which can happen at least
  during IPv6 scans from certain platforms to some firewalled targets.

- Renamed ACK ping scan option from -PT to -PA in the documentation.
  Nmap has accepted both names for years and will continue to do
  so.

- Removed the notice that Nmap is reading target specifications from a
  file or stdin when you specify the -iL option.  It was sometimes
  printed to stdout even when you wanted to redirect XML or grepable
  output there, because it was printed during options processing before
  output files were handled.  This change was suggested by Anders Thulin
  (ath(a)algonet.se).

- Added --source_port as a longer, but hopefully easier to remember,
  alias for -g.  In other words, it tries to use the constant source
  port number you specify for probes.  This can help against poorly
  configured firewalls that trust source port 20, 53, and the like.

- Removed undocumented (and useless) -N option.

- Fixed a version detection crash reported in excellent detail by
  Jedi/Sector One (j(a)pureftpd.org).

- Applied patch from Matt Selsky (selsky(a)columbia.edu) which helps
  Nmap build with OpenSSL.

- Modified the configure/build system to fix library ordering problems
  that prevented Nmap from building on certain platforms.  Thanks to
  Greg A. Woods (woods(a)weird.com) and Saravanan
  (saravanan_kovai(a)HotPop.com) for the suggestions.

- Applied a patch to Makefile.in from Scott Mansfield
  (thephantom(a)mac.com) which enables the use of a DESTDIR variable
  to install the whole Nmap directory structure under a different root
  directory.  The configure --prefix option would do the same thing in
  this case, but DESTDIR is apparently a standard that package
  maintainers like Scott are used to.  An example usage is
  "make DESTDIR=/tmp/packageroot".

- Removed unnecessary banner printing in the non-root connect() ping
  scan.  Thanks to Tom Rune Flo (tom(a)x86.no) for the suggestion and
  a patch.

- Updated the headers at the top of each source file (mostly to
  advance the copyright year to 2004 and note that Nmap is a registered
  trademark).


To generate a diff of this commit:
cvs rdiff -r1.34 -r1.35 pkgsrc/net/nmap/Makefile
cvs rdiff -r1.3 -r1.4 pkgsrc/net/nmap/PLIST
cvs rdiff -r1.16 -r1.17 pkgsrc/net/nmap/distinfo
cvs rdiff -r1.22 -r1.23 pkgsrc/net/nmapfe/Makefile

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.