Published release of network security scanner Nmap 7.94, designed to conduct a network audit and identify active network services. The project code is supplied under a license NPSL (Nmap Public Thanks for reading License), based on the GPLv2 license, which is supplemented by recommendations (not requirements) for using the OEM licensing program and purchasing a commercial license if the manufacturer does not want to open the code of its product in accordance with the requirements of the copyleft license or intends to integrate Nmap into products , incompatible with the GPL.
The terms of the NPSL license apply only to parties who accept the license in exchange for receiving special rights, such as the right to redistribute Nmap. In this case, the participating party can do whatever it wants under copyright provisions such as fair use, and the Nmap developers will not try to control their work.
Advertisement
Basic changes:
- More than 2,500 application and service version identifiers have been added, and the total size of the identifier database has reached 12,089 records. The number of defined protocols has increased from 1237 to 1246. Among other things, support for the grpc, mysqlx, essnet, remotemouse and tuya protocols has been added.
- Added 336 operating system identifiers. The total number of detected OS versions has been increased to 6036. Versions of iOS 15 and 16, macOS 12 and 13, Linux kernel 6.1, OpenBSD 7.1 and lwIP 2.2 are detected.
- Includes 4 new NSE script to provide automation of various actions with Nmap. New scripts prepared by the community DINA and are aimed at sending requests to various industrial controllers:
- hartip-info – request information using the Highway Addressable Remote Transducer protocol.
- iec61850-mms – sending Manufacturing Message Specification requests.
- multicast-profinet-discovery – sending multicast messages “PROFINET DCP Identify All” and outputting a response.
- profinet-cm-lookup – sending requests to DCERPC handlers via the PNIO-CM service.
- The finished assemblies have updated versions of Lua 5.4.6, libpcre2 10.43, zlib 1.3.1, libssh2 1.11.0 and liblinear 2.47.
- When creating packages with Zenmap and Ndiff, setuptools utilities are used instead of distutils.
- Improved signature matching code when detecting operating systems, changed nmap-os-db syntax to support ranges in TCP option lines.
- The operating system detection engine has been improved, in which the source network port number now changes with each retry.
- The port scanning engine includes some optimizations based on the profiling results.
Thanks for reading: