Subject: CVS commit: doc
To: None <source-changes@netbsd.org>
From: Hubert Feyrer <hubertf@netbsd.org>
List: source-changes
Date: 08/03/2002 15:24:35
Module Name:	doc
Committed By:	hubertf
Date:		Sat Aug  3 12:24:34 UTC 2002

Modified Files:
	doc: pkg-CHANGES

Log Message:
Update nmap to 3.00. Changes:

    * Added protocol scan (-sO), which determines what IP protocols
      (TCP, IGMP, GRE, UDP, ICMP, etc) are supported by a given host.
      This uses a clever technique designed and implemented by Gerhard
      Rieger .
    * Nmap now recognizes more than 700 operating system versions and
      network devices (printers, webcams, routers, etc) thanks to
      thousands of contributions from the user community! Many
      operating systems were even recognized by Nmap prior to their
      official release. Nmap3 also recognizes 2148 port assignments,
      451 SunRPC services, and 144 IP protocols.
    * Added Idlescan (-sI), which bounces the scan off a "zombie"
      machine. This can be used to bypass certain (poorly configured)
      firewalls and packet filters. In addition, this is the most
      stealthy Nmap scan mode, as no packets are sent to the target
      from your true IP address.
    * The base Nmap package now builds and functions under Windows! It
      is distributed in three forms: build-it-yourself source code, a
      simple command-line package, or along with a nice GUI interface
      (NmapWin) and a fancy installer. This is due to the hard work of
      Ryan Permeh (from eEye), Andy Lutomirski, and Jens Vogt.
    * Mac OS X is now supported, as well as the latest versions of
      Linux, OpenBSD, Solaris, FreeBSD, and most other UNIX platforms.
      Nmap has also been ported to several handheld devices -- see the
      Related Projects page for further information.
    * XML output (-oX) is now available for smooth interoperability
      between Nmap and other tools.
    * Added ICMP Timestamp and Netmask ping types (-PP and -PM). These
      (especially timestamp) can be useful against some hosts that do
      not respond to normal ping (-PI) packets. Nmap still allows TCP
      "ping" as well.
    * Nmap can now detect the uptime of many hosts when the OS Scan
      option (-O) is used.
    * Several new tests have been added to make OS detection more
      accurate and provide more granular version information.
    * Removed 128.210.*.* addresses from Nmap man page examples due to
      complaints from Purdue security staff.
    * The --data_length option was added, allowing for longer probe
      packets. Among other uses, this defeats certain simplistic IDS
      signatures.
    * You can now specify distinct port UDP and TCP port numbers in a
      single scan command using a command like 'nmap -sSU -p
      U:53,111,137,T:21-25,80,139,515,6000,8080 target.com'. See the
      man page for more usage info.
    * Added mysterious, undocumented --scanflags and --fuzzy options.
    * Nmap now provides IPID as well as TCP ISN sequence
      predictability reports if you use -v and -O.
    * SYN scan is now the default scan type for privileged (root)
      users. This is usually offers greater performance while reducing
      network traffic.
    * Capitalized all references to God in error messages.
    * Added List scan (-sL) which enumerates targets without scanning
      them.
    * The Nmap "random IP" scanning mode is now smart enough to skip
      many unallocated netblocks.
    * Tons of more minor features, bugfixes, and portability enhancements.


To generate a diff of this commit:
cvs rdiff -r1.7140 -r1.7141 doc/pkg-CHANGES

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.