# Nmap Changelog



*** Version 2.12 Changes ***

-- Changed the way tcp connect() scan determines the results of a
   connect() call.  Hopefully this will make nmap a little more
   portable.

-- Got rid of the security warning message for people who are missing
   /dev/random and /dev/urandom due to complaints about the warning.
   This only silences the warnings -- it still uses relatively weak
   random number generation under Solaris and other systems that lack
   this functionality.

-- Eliminated pow() calls on Linux boxes.  I think some sort of glibc
   bug was causing nmap to SIGSEGV in some cases inside of pow().
   Most people weren't affected, but those who were would almost
   always SIGSEGV with -O.

-- Fixed an rpm problem noted by Mark Smith <marks@senet.com.au>

*** Version 2.11 Changes ***

-- Many new fingerprints added.  I received more than 300 submissions
   between this release and the last one.

-- Fixed IRIX problems which prevented OS scanning from working on
   that platform.  The problem was researched and the solution found
   by Lamont Granquist <lamontg@u.washington.edu>.  You can also thank
   him for porting nmap to almost every UNIX around.

-- Added support for '-m -' to redirect machine readable logs to
   stdout for shell pipelining, etc.  I also changed machine readable
   output to show service names now that we use an nmap-specific
   services file rather than /etc/services.  These features were
   suggested by Dan Farmer.  You can also thank him for SATAN (the
   auditing tool).

-- Fixed a linked-list bug that could cause hangs in UDP, FIN, NULL,
   and XMAS scans.  Also fixed a ptr problem that could cause SIGSEGV.
   These problems were discovered and tracked down by Ben Laurie
   <ben@algroup.co.uk>.  You can also thank him for Apache, OpenSSL,
   and Apache-SSL.

-- Fixed installation problem for people without a /usr/local/man/man1
   directory.  Found by Jeffrey Robertson <a-jeffro@microsoft.com>.
   I guess you can thank him for Win98 ;).

-- Several other little fixes to the installation script and minor
   scanner tweaks.

*** Version 2.10 Changes ***

-- Private test release 

*** Version 2.09 Changes ***

-- Private test release 

*** Version 2.08 Changes ***

-- Bugfix for problem that can cause nmap to appear to "freeze up" for long
   periods of time when run on some busy networks. (found by Lamont Granquist)

*** Version 2.07 Changes ***

-- Fixed a lockup on Solaris (and perhaps other proprietary UNIX
   systems) caused by a lack of /dev/random & /dev/urandom and a
   rand() that only returns values up to 65535.  Users of Free
   operating systems like Linux, FreeBSD, or OpenBSD probably
   shouldn't bother upgrading.

*** Version 2.06 Changes ***

-- Fixed compile problems on machines which lack snprintf() (found by Ken
   Williams <jkwilli2@unity.ncsu.edu>)
-- Added the squid proxy to nmap-services (suggested by Holger Heimann)
-- Fixed a problem where the new memory allocation system was handing out
   misaligned pointers.
-- Fixed another memory allocation bug which probably doesn't cause any
   real-life problems.
-- Made nmap look in more places for nmap-os-fingerprints

*** Version 2.05 Changes ***

-- Tons of new fingerprints.  The number has grown by more than 25%.
   In particular, Charles M. Hannum <root@ihack.net> fixed several
   problems with NetBSD that made it easy to fingerprint and he sent me
   a huge new batch of fingerprints for various NetBSD releases down to
   1.2.  Other people sent NetBSD fingerprints down to 1.0.  I finally
   got some early Linux fingerprints in (down to 1.09).

-- Nmap now comes with its own nmap-services which I created by
   merging the /etc/services from a bunch of OSes and then adding
   Netbus, Back Orifice, etc.

-- Random number generation now takes advantage of the /dev/urandom or
   /dev/random that most free operating systems offer.

-- Increased the maximum number of OS guesses nmap will make, and told
   nmap never to give you two matches where the OS names are
   byte-to-byte equivalent.  Fixed nmap to differentiate between "no
   OS matches found" and "too many OS matches to list".

-- Fixed an information leak in the packet TTL values (found by 
   HD Moore <hdmoore@usa.net>)

-- Fixed the problem noted by Savva Uspensky about offsets used for
   various operating systems' PPP/SLIP headers.  Due to lack of
   responses regarding other operating systems, I have made
   assumptions about what works for BSDI, NetBSD, and SOLARIS.  If
   this version no longer works on your modem, please let me know (and
   tell me whether you are using SLIP/PPP and what OS you are
   running).

-- Machine parseable logs are now more machine parseable (I now use a
   tab to separate test result fields rather than the more ambiguous
   spaces).  This may break a few things which rely on the old format.
   Sorry.  They should be easy to fix.

-- Added my nmap-fingerprintinting-article.txt to the distribution in
   the docs directory.

-- Added a CHANGELOG file to the distribution.

-- Fixed problem where nmap -sS <my_ethernet_or_ppp_ip_address> would
   not correctly scan localhost (due to the kernel rerouting the
   traffic through localhost).  Nmap should now detect and work around
   this behavior.

-- Applied patch sent to me by Bill Fenner <fenner@parc.xerox.com>
   which fixes various SunOS compatibility problems.

-- Changed the makefile 'all' target to use install-sh rather than 
   mkdir -p (doesn't work on some systems)

-- Documentation updated and clarified slightly.
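
Added example (not Nmap's own code): the 2.05, 2.07 and 2.12 entries describe preferring /dev/urandom or /dev/random and falling back to weak rand() where neither exists, with 2.07 noting a rand() that only returns values up to 65535. The sketch below shows one way to write such a fallback so that it never depends on the width of RAND_MAX; the names get_random_bytes, weak_fill and weak_u32 are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <time.h>

/* Fallback: 8 bits per rand() call (bits 7..14), so the result never depends
   on RAND_MAX (ISO C only guarantees >= 32767). Not cryptographically strong. */
static void weak_fill(unsigned char *buf, size_t len)
{
    static int seeded = 0;
    size_t i;
    if (!seeded) { srand((unsigned)time(NULL) ^ (unsigned)clock()); seeded = 1; }
    for (i = 0; i < len; i++)
        buf[i] = (unsigned char)((rand() >> 7) & 0xFF);
}

/* Fill buf from /dev/urandom or /dev/random when one exists.
   Returns 0 for kernel randomness, 1 when the weak fallback was used. */
int get_random_bytes(void *buf, size_t len)
{
    static const char *devs[] = { "/dev/urandom", "/dev/random" };
    size_t i, got;
    for (i = 0; i < sizeof devs / sizeof devs[0]; i++) {
        FILE *fp = fopen(devs[i], "rb");
        if (!fp) continue;
        setvbuf(fp, NULL, _IONBF, 0);      /* read only the bytes we need */
        got = fread(buf, 1, len, fp);
        fclose(fp);
        if (got == len) return 0;
    }
    weak_fill(buf, len);
    return 1;
}

/* Full-width 32-bit value built from the fallback path alone. */
uint32_t weak_u32(void)
{
    unsigned char b[4];
    weak_fill(b, sizeof b);
    return (uint32_t)b[0] << 24 | (uint32_t)b[1] << 16 | (uint32_t)b[2] << 8 | b[3];
}

int main(void)
{
    uint32_t v = 0;
    int weak = get_random_bytes(&v, sizeof v);
    printf("weak=%d value=0x%08lx\n", weak, (unsigned long)v);
    return 0;
}
```

The return value lets a caller decide whether to warn about the weak source, which is the warning the 2.12 entry says was silenced.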

