Home page logo
/

Nmap Announce mailing list archives

Announce: nmap-3.30+V-2.34 ("Version" Scanning)
From: "Jay Freeman \(saurik\)" <saurik () saurik com>
Date: Fri, 18 Jul 2003 18:25:30 -0700

I'm lazy, so rather than come up with a new description, I'm just going to
link to some of my old ones :).

http://lists.insecure.org/lists/nmap-hackers/2000/Apr-Jun/0076.html
http://lists.insecure.org/lists/nmap-hackers/2000/Apr-Jun/0080.html
http://lists.insecure.org/lists/nmap-hackers/2000/Jul-Sep/0059.html

Changelog:

o Added a few new protocol detection fingerprints:

    - PostgreSQL 7.3
    - SpamAssassin
    - BIND rndc
    - Sieve

o Removed the miscellaneous garbage that I had been accumulating in
  the tree. Things such as libtabular (that got killed by Fyodor's
  so-called XML implementation), Anakrino (which convinced me to
  never program in C ever again), and the modular scan system (that
  was way, way too painful to merge with Fyodor's new versions as
  it required moving all the code for the scans to different files).

o Minimized the effects of my patch in a few silly cases. An example
  is my renaming the variable protocol to proto just because I wanted
  the name for something else. That was stupid :). I just change _my_
  variable instead.

o Fixed a somewhat longstanding typo I introduced into nmapFE that
  caused it to not compile for reasons I never cared to look into.

o Moved most of my code into its own file so I could stop infecting
  the poor, abused nmap.cc.

o Added an extra debugging level that uses C++ stream I/O (god I love
  C++) to cutely print out the server responses so that it becomes
  much easier for me to add new fingerprints. If you can't compile
  because of it I want to say "too bad", but considering how isolated
  the change was just tell me and I'll remove it (although you should
  really upgrade your compiler as I'm probably going to start moving
  to using templates soon now that Fyodor's finally got on the C++
  bandwagon).

FTP Information (for "released" versions):

  Source: ftp://ftp.saurik.com/pub/nmap/nmap-3.30+V-2.34.tgz
  Patch: ftp://ftp.saurik.com/pub/nmap/nmap+V-2.34
  Win32 Binaries: not available for this release... sorry

Note that if you connect to my FTP server and you only find one file (and it
isn't the right one at that), give it an hour or two and try again. I just
changed the DNS on my FTP server, and the one it was pointing at before only
had a download for the latest version and nothing else.

CVS Information (for current versions):

  Repository: :pserver:anoncvs () cvs saurik com:/cvs/nmap
  Module: nmap
  Password: anoncvs

(Note that this is a different username/password than it used to be for
silly reasons.)

Example Output (for the curious; and yes, it should line up with a fixed
width font):

[root(2)@ironclad nmap]# ./nmap -sS -sVVV -F saurik.net

Starting nmap 3.30+V ( http://www.insecure.org/nmap/ ) at 2003-07-18 20:03
CDT
Interesting ports on saurik.net (209.224.199.248):
(The 1177 ports scanned but not shown below are in state: closed)
Port       State       Service             Protocol     Version
17/tcp     open        qotd                Go Text      GNU Go 3.0.0
21/tcp     open        ftp                 FTP          wu-2.6.1-20
23/tcp     open        telnet              Telnet
25/tcp     open        smtp                SMTP         Sendmail
8.11.6/8.11.6
53/tcp     open        domain
80/tcp     open        http                HTTP         Apache/1.3.14 (Unix)
  <Title>: Is this page here yet?
110/tcp    open        pop-3               POP3         Cyrus v2.0.12
143/tcp    open        imap2               IMAP         Cyrus v2.0.12
443/tcp    open        https               SSL
873/tcp    open        rsync               rsync        Protocol v 26
993/tcp    open        imaps               SSL
995/tcp    open        pop3s               SSL
2000/tcp   open        callbook            Sieve        Cyrus timsieved
v1.0.0
2401/tcp   open        cvspserver          CVS
3306/tcp   open        mysql               MySQL        3.23.52
5432/tcp   open        postgres            PostgreSQL   (7.1?), 7.2
6001/tcp   open        X11:1               X11
6667/tcp   open        irc
8009/tcp   open        ajp13               Ajp13        Apache Tomcat
8080/tcp   open        http-proxy          HTTP         Apache Tomcat/4.0.4
(HTTP/1.1 Connector)
  <Title>: Apache Tomcat/4.0.4 - Error report

Nmap run completed -- 1 IP address (1 host up) scanned in 125.422 seconds

[root(2)@ironclad nmap]# ./nmap -sS -sVVV localhost

Starting nmap 3.30+V ( http://www.insecure.org/nmap/ ) at 2003-07-18 20:07
CDT
Interesting ports on localhost.localdomain (127.0.0.1):
(The 1621 ports scanned but not shown below are in state: closed)
Port       State       Service             Protocol     Version
17/tcp     open        qotd
21/tcp     open        ftp                 FTP          wu-2.6.2-8
22/tcp     open        ssh                 SSH          1.99-OpenSSH_3.4p1
23/tcp     open        telnet              Telnet
25/tcp     open        smtp                SMTP         Sendmail
8.12.6/8.12.6
53/tcp     open        domain
80/tcp     open        http                HTTP         Apache/2.0.44 (Unix)
  <Title>: Test Page for Apache Installation
110/tcp    open        pop-3               POP3         Cyrus
v2.1.11-Invoca-RPM-2.1.11-3
111/tcp    open        sunrpc              RPC
113/tcp    open        auth                AUTH
119/tcp    open        nntp                NNTP         INN 2.2.2
13-Dec-1999
143/tcp    open        imap2               IMAP         Cyrus
v2.1.11-Invoca-RPM-2.1.11-3
465/tcp    open        smtps               SSL
587/tcp    open        submission          SMTP         Sendmail
8.12.6/8.12.6
783/tcp    open        hp-alarm-mgr        SpamAssassin
953/tcp    open        rndc                BIND rndc    BIND9
993/tcp    open        imaps               SSL
995/tcp    open        pop3s               SSL
2000/tcp   open        callbook            Sieve        Cyrus timsieved
v2.1.11-Invoca-RPM-2.1.11-3
2401/tcp   open        cvspserver          CVS
5432/tcp   open        postgres            PostgreSQL   7.3
8009/tcp   open        ajp13               Ajp13        Apache Tomcat
8080/tcp   open        http-proxy          HTTP         Apache
Tomcat/4.1.18-LE-jdk14 (HTTP/1.1 Connector)

Nmap run completed -- 1 IP address (1 host up) scanned in 136.170 seconds

Sincerely,
Jay Freeman (saurik)
saurik () saurik com


--------------------------------------------------
For help using this (nmap-hackers) mailing list, send a blank email to 
nmap-hackers-help () insecure org . List run by ezmlm-idx (www.ezmlm.org).


  By Date           By Thread  

Current thread:
  • Announce: nmap-3.30+V-2.34 ("Version" Scanning) Jay Freeman \(saurik\) (Jul 19)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault