pkgsrc-changes: CVS commit: pkgsrc/net/nmap

Subject: CVS commit: pkgsrc/net/nmap
To: None <pkgsrc-changes@NetBSD.org>
From: Adam Ciarcinski <adam@netbsd.org>
List: pkgsrc-changes
Date: 11/26/2004 09:24:21
Module Name:	pkgsrc
Committed By:	adam
Date:		Fri Nov 26 09:24:21 UTC 2004

Modified Files:
	pkgsrc/net/nmap: Makefile distinfo
	pkgsrc/net/nmap/patches: patch-aa patch-ad patch-ae patch-af

Log Message:
Changes 3.77:
o Fixed a memory leak that would generally consume several hundred
  bytes per down host scanned.  While the effect for most scans is
  negligible, it was overwhelming when Scott Carlson
  (Scott.Carlson(a)schwab.com) tried to scan 24 million IPs
  (10.0.0.0/8).  Thanks to him for reporting the problem.

o Fixed a bug in ACK scan that could cause Nmap to crash with the
  message "Unexpected port state: 6" in some cases.  Thanks to Glyn
  Geoghegan (glyng(a)corsaire.com) for reporting the problem.

o Change IP protocol scan (-sO) so that a response from the target
  host in any protocol at all will prove that protocol is open.  As
  before, no response means "open|filtered", an ICMP protocol
  unreachable means "closed", and most other ICMP error messages mean
  "filered".

o Changed IP protocol scan (-sO) so that it sends valid ICMP, TCP, and
  UDP headers when scanning protocols 1, 6, and 17, respectively.  An
  emtpy IP header is still sent for all other protocols.  This should
  prevent the error messages such as "sendto in send_ip_packet:
  sendto(3, packet, 20, 0, 192.31.33.7, 16) => Operation not
  permitted" that Linux (and perhaps other systems) would give when
  they try to interpret the raw packet.  This also makes it more
  likely that these protocols will elicit a response, proving that the
  protocol is "open".

o Null, FIN, Maimon, and Xmas scans now mark ports as "open|filtered"
  instead of "open" when they fail to receive any response from the
  target port.  After all, it could just as easily be filtered as open.
  This is the same change that was made to UDP scan in 3.70.  Also as
  with UDP scan, adding version detection (-sV) will change the state
  from open|filtered to open if it confirms that they really are open.

o Fixed a crash on Windows systems that don't include the iphlpapi
  DLL.  This affects Win95 and perhaps other variants.  Thanks to Ganga
  Bhavani (GBhavani(a)everdreamcorp.com) for reporting the problem and
  sending the patch.

o Ensured that the device type, os vendor, and os family OS
  fingerprinting classification values are scrubbed for XML compliance
  in the XML output.  Thanks to Matthieu Verbert
  (mve(a)zurich.ibm.com) for reporting the problem and sending a patch.

o Changed to Nmap XML DTD to use the same xmloutputversion (1.01) as
  newer versions of Nmap.  Thanks to Laurent Estieux
  (laurent.estieux(a)free.fr) for reporting the problem.


To generate a diff of this commit:
cvs rdiff -r1.39 -r1.40 pkgsrc/net/nmap/Makefile
cvs rdiff -r1.19 -r1.20 pkgsrc/net/nmap/distinfo
cvs rdiff -r1.11 -r1.12 pkgsrc/net/nmap/patches/patch-aa
cvs rdiff -r1.8 -r1.9 pkgsrc/net/nmap/patches/patch-ad
cvs rdiff -r1.5 -r1.6 pkgsrc/net/nmap/patches/patch-ae
cvs rdiff -r1.3 -r1.4 pkgsrc/net/nmap/patches/patch-af

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.