Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Nmap Development: Re: First Nmap SOC release! Nmap 4.22SOC1

Re: First Nmap SOC release! Nmap 4.22SOC1

From: Dave Moore <dave.j.moore_at_gmail.com>
Date: Tue, 10 Jul 2007 11:07:37 -0500

Hi everyone - congrats on another great release. It worked right out
of the box, with the exception of UMIT:

On 7/8/07, Fyodor <fyodor_at_insecure.org> wrote:
> Hi Everyone! I'm happy to put out the first test release with all of
<snip>
> o The UMIT graphical Nmap frontend is now included (as an ALPHA TEST

Everything configures and makes just fine, then I try to run UMIT..

kunwon1_at_kunwon1:~$ rm -r .umit/
kunwon1_at_kunwon1:~$ umit
DEBUG - 2007-07-10 10:58:09,235 - >>> Create user dir at given home:
/home/kunwon1
DEBUG - 2007-07-10 10:58:09,237 - >>> Using
/usr/local/share/umit/config/umit.conf as source
DEBUG - 2007-07-10 10:58:09,343 - >>> Umit user dir successfully
created! /home/kunwon1/.umit
DEBUG - 2007-07-10 10:58:09,344 - >>> copy_config_file options.xml to
/home/kunwon1/.umit
DEBUG - 2007-07-10 10:58:09,345 - >>> copy_config_file
profile_editor.xml to /home/kunwon1/.umit
DEBUG - 2007-07-10 10:58:09,347 - >>> copy_config_file
recent_scans.txt to /home/kunwon1/.umit
DEBUG - 2007-07-10 10:58:09,348 - >>> copy_config_file
scan_profile.usp to /home/kunwon1/.umit
DEBUG - 2007-07-10 10:58:09,350 - >>> copy_config_file target_list.txt
to /home/kunwon1/.umit
DEBUG - 2007-07-10 10:58:09,351 - >>> copy_config_file umit_version to
/home/kunwon1/.umit
DEBUG - 2007-07-10 10:58:09,353 - >>> copy_config_file umit.db to
/home/kunwon1/.umit
DEBUG - 2007-07-10 10:58:09,355 - >>> copy_config_file wizard.xml to
/home/kunwon1/.umit
DEBUG - 2007-07-10 10:58:09,356 - >>> copy_config_file umit.conf to
/home/kunwon1/.umit
DEBUG - 2007-07-10 10:58:09,359 - >>> Using recently created config
files in user home: /home/kunwon1/.umit/umit.conf
DEBUG - 2007-07-10 10:58:09,360 - >>> Config file: /home/kunwon1/.umit/umit.conf
DEBUG - 2007-07-10 10:58:09,599 - Register default_icon icon name for
file /usr/local/share/pixmaps/default.svg
DEBUG - 2007-07-10 10:58:09,600 - Register freebsd_icon icon name for
file /usr/local/share/pixmaps/freebsd.svg
DEBUG - 2007-07-10 10:58:09,602 - Register irix_icon icon name for
file /usr/local/share/pixmaps/irix.svg
DEBUG - 2007-07-10 10:58:09,603 - Register linux_icon icon name for
file /usr/local/share/pixmaps/linux.svg
DEBUG - 2007-07-10 10:58:09,604 - Register macosx_icon icon name for
file /usr/local/share/pixmaps/macosx.svg
DEBUG - 2007-07-10 10:58:09,605 - Register openbsd_icon icon name for
file /usr/local/share/pixmaps/openbsd.svg
DEBUG - 2007-07-10 10:58:09,606 - Register redhat_icon icon name for
file /usr/local/share/pixmaps/redhat.svg
DEBUG - 2007-07-10 10:58:09,607 - Register shadow_man_icon icon name
for file /usr/local/share/pixmaps/shadow_man.svg
DEBUG - 2007-07-10 10:58:09,608 - Register solaris_icon icon name for
file /usr/local/share/pixmaps/solaris.svg
DEBUG - 2007-07-10 10:58:09,610 - Register ubuntu_icon icon name for
file /usr/local/share/pixmaps/ubuntu.svg
DEBUG - 2007-07-10 10:58:09,611 - Register unknown_icon icon name for
file /usr/local/share/pixmaps/unknown.svg
DEBUG - 2007-07-10 10:58:09,612 - Register win_icon icon name for file
/usr/local/share/pixmaps/win.svg
DEBUG - 2007-07-10 10:58:09,613 - Register vl_1_logo icon name for
file /usr/local/share/pixmaps/vl_1.svg
DEBUG - 2007-07-10 10:58:09,614 - Register vl_2_logo icon name for
file /usr/local/share/pixmaps/vl_2.svg
DEBUG - 2007-07-10 10:58:09,615 - Register vl_3_logo icon name for
file /usr/local/share/pixmaps/vl_3.svg
DEBUG - 2007-07-10 10:58:09,615 - Register vl_4_logo icon name for
file /usr/local/share/pixmaps/vl_4.svg
DEBUG - 2007-07-10 10:58:09,617 - Register vl_5_logo icon name for
file /usr/local/share/pixmaps/vl_5.svg
Traceback (most recent call last):
  File "/usr/local/bin/umit", line 34, in <module>
    from umitGUI.App import App
  File "/usr/local/lib/python2.5/site-packages/umitGUI/App.py", line
30, in <module>
    from umitGUI.MainWindow import MainWindow
  File "/usr/local/lib/python2.5/site-packages/umitGUI/MainWindow.py",
line 38, in <module>
    from umitGUI.ScanNotebook import ScanNotebook, ScanNotebookPage
  File "/usr/local/lib/python2.5/site-packages/umitGUI/ScanNotebook.py",
line 35, in <module>
    from umitGUI.Icons import get_os_icon, get_os_logo, get_vulnerability_logo
  File "/usr/local/lib/python2.5/site-packages/umitGUI/Icons.py", line
101, in <module>
    pixbuf = gtk.gdk.pixbuf_new_from_file(file)
gobject.GError: Couldn't recognize the image file format for file
'/usr/local/share/pixmaps/default.svg'

I did some googling and tried a few things, like installing
librsvg2-dev, which didn't fix the problem. IANAPP (I am not a python
programmer) but I looked up the function definition in the PyGTK
reference for pixbuf_new_from_file, it doesn't seem to have any
specifications as to which image file formats are acceptable, so I'm
assuming it's a broken library somewhere or something similar.

I'm very much looking forward to trying UMIT, any suggestions would be
appreciated

Kubuntu 7.04
Linux kunwon1 2.6.20-16-generic #2 SMP Thu Jun 7 20:19:32 UTC 2007
i686 GNU/Linux

> release) with the Nmap tarball distribution. It isn't yet in the
> RPMs or the Windows distributions. UMIT is written with Python/GTK
> and has many huge advantages over NmapFE. It installs from the Nmap
> source tarballs as part of the "make install" process unless you
> specify --without-umit to configure. Please give UMIT a try (the
> executable is named umit) and let us know the results! We hope to
> include UMIT in the Windows Nmap distributions soon.
>
> o The port selection mechanism was overhauled. Nmap now knows
> (roughly) how common various services are, so you can specify
> options such as --top-ports 50 to scan the 50 most popular ports.
> You can also use the new --port-ratio option to scan ports above a
> given popularity level. You can also now give the -p option service
> names (such as 'http') and wildcards (such as http* to include
> services such as https and http-mgmt). There is also a bracket ([])
> operator for scanning all known ports within a given range. All
> these changes, by Doug Hoyte, are described at
> http://seclists.org/nmap-dev/2007/q2/0224.html .
>
> o Added more Nmap Scripting Engine scripts, bringing the total to 31.
> The new ones are bruteTelnet (Eddie Bell), SMTPcommands (Jason
> DePriest), iax2Detect (Jason), nbstat (Brandon Enright),
> SNMPsysdescr (Thomas Buchanan), HTTPAuth (Thomas), finger (Eddie),
> ircServerInfo (Doug Hoyte), and MSSQLm (Thomas Buchanan).
>
> o Added the --reason option which explains WHY Nmap assigned a port
> status. For example, a port could be listed as "filtered" because
> no response was received, or because an ICMP network unreachable
> message was received. [ Eddie ]
>
> o Integrated all of your 2nd generation OS detection submissions,
> increasing the database size by 68% since 4.21ALPHA4 to 699
> fingerprints. The 2nd generation database is now nearly half (42%)
> the size of the original. Please keep those submissions coming so
> that we can do another integration round before the SoC program ends
> on August 20! Thanks to David Fifield for doing most of the
> integration work!
>
> o Integrated version detection submissions. The database has grown by
> more than 350 signatures since 4.21ALPHA4. Nmap now has 4,236
> signatures for 432 service protocols. As usual, Doug Hoyte deserves
> credit for the integration marathon, which he describes at
> http://hcsw.org/blog.pl .
>
> o Added the NSE library (nselib) which is a library of useful
> functions (which can be implemented in LUA or as loadable C/C++
> modules) for use by NSE scripts. We already have libraries for bit
> operations (bit), list operations (listop), URL fetching and
> manipulation (url), activation rules (shortport), and miscelaneous
> commonly useful functions (stdnse). Stoiko added the underlying
> functionality, though numerous people contributed to the library
> routines.
>
> o Added --servicedb and --versiondb command-line options which allow
> you to specify a custom Nmap services (port to port number translation
> and port frequency) file or version detection database. [ David
> Fifield ]
>
> o The build dependencies were dramatically reduced by removing
> unneccessary header includes and moving header includes from .h
> files to .cc as well as adding some forward declarations. This
> reduced the number of makefile.dep dependencies from 1469 to 605.
> This should make Nmap compilation faster and prevent some
> portability problems. [David Fifield]
>
> o Upgraded from WinPcap 3.1 to WinPcap 4.01 and fixed a pcap installer
> error. [Eddie]
>
> o In verbose mode, Nmap now reports where it obtains data files (such as
> nmap-services) from. [David Fifield]
>
> o Canonicalized a bunch of OS classes, device types, etc. in the OS
> detection and version scanning databases so they are named
> consistently. [Doug]
>
> o If we get a ICMP Protocol Unreachable from a host other than our
> target during a port scan, we set the state to 'filtered' rather than
> 'closed'. This is consistent with how port unreachable errors work for
> udp scan. [Kris]
>
> o Relocated OSScan warning message (could not find 1 closed and 1 open
> port). Now output.cc prints the warning along with a targets OSScan
> results. [Eddie]
>
> o Fixed a bug which caused port 0 to be improperly used for gen1 OS
> detection in some cases when your scan includes port 0 (it isn't
> included by default). Thanks to Sebastian Wolfgarten for the report
> and Kris Katterjohn for the fix.
>
> o The --iflist table now provides Winpcap device names on
> Windows. [Eddie]
>
> o The Nmap reference guide (man page) Docbook XML source is now in the
> SVN repository at svn://svn.insecure.org/nmap/docs/refguide.xml .
>
> o NSE now has garbage collection so that if you forget to close a
> socket before exiting a script, it is closed for you. [Stoiko]
>
> o The <portused> tag in XML output now provides the open TCP port used
> for OS detection as well as the closed TCP and UDP ports which were
> reported previously. [Kris]
>
> o XML output now has a <times> tag for reporting final time
> information which was already printed in normal output in verbose
> mode (round trip time, rtt variance, timeout, etc.) [Kris]
>
> o Changed the XML output format so that the <extrareasons> tag (part
> of Eddie's --reason patch) falls within the <extraports> tag. [Kris]
>
> o Nmap now provides more consise OS fingerprints for submission thanks
> to better merging. [David Fifield]
>
> o A number of changes were made to the Windows build system to handle
> version numbers, publisher field, add/remove program support,
> etc. [Eddie]
>
> o The Nmap -A optionm now enables the traceroute option too [Eddie]
>
> o Improved how the Gen1 OS Detection system selects which UDP ports to
> send probes to. [Kris]
>
> o Updated nmap-mac-prefixes to latest IEEE data as of 5/18/07. Also
> removed some high (greater than 0x80) characters from some company
> names because they were causing this error on Windows when Nmap is
> compiled in Debug mode:
> isctype.c Line 56: Expression: (unsigned)(c + 1) <= 256".
> Thanks to Sina Bahram for the initial report and Thomas Buchanan for
> tracking down the problem.
>
> o Added a SIP (IP phone) probe from Matt Selsky to nmap-service-probes.
>
> o Fixed a bug which prevented the NSE scripts directory from appearing
> in the Win32 .zip version of Nmap.
>
> o Fixed a bug in Traceroute's output. It occured when a traced host could
> be fully consolidated, but only the first hop number was outputted. [Kris]
>
> o The new "rnd" option to -D allows you to ask Nmap to generate random
> decoy IPs rather having to specify them all yourself. [Kris]
>
> o Fixed a Traceroute bug relating to scanning through the localhost
> interface on Windows (which previously caused a crash). Thanks to
> Alan Jones for the report and Eddie Bell for the fix.
>
> o Fixed a traceroute bug related to tracing between interfaces of a
> multi-homed host. Thanks to David Fifield for reporting the problem
> and Eddie Bell for the fix.
>
> o Service detection (-sV) and OS detection (-O) are now (rightfully)
> disabled when used with the IPProto Scan (-sO). Using the Service
> Scan like this led to premature exiting, and the OS Scan led to gross
> inaccuracies. [Kris]
>
> o Updated IANA assignment IP list for random IP (-iR) generation. [Kris]
>
>
> Enjoy!
> -Fyodor
>
>
> _______________________________________________
> Sent through the nmap-dev mailing list
> http://cgi.insecure.org/mailman/listinfo/nmap-dev
> Archived at http://SecLists.Org
> 

-- 
==========
A human being should be able to change a diaper, plan an invasion,
butcher a hog, conn a ship, design a building, write a sonnet, balance
accounts, build a wall, set a bone, comfort the dying, take orders,
give orders, cooperate, act alone, solve equations, analyze a new
problem, pitch manure, program a computer, cook a tasty meal, fight
efficiently, die gallantly. Specialization is for insects. -Heinlein
This message copyright (c) 2004-2007 David J Moore
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
Received on Jul 10 2007
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos