Subscribe: Nmap Development
Added By: Feedage Forager Feedage Grade A rated
Language: English
apos  ciphers consistently  ciphers  consistently posted  feb  list ciphers  list  make money  money posted  nmap list  nmap make  nmap  posted 
Rate this Feed
Rate this feedRate this feedRate this feedRate this feedRate this feed
Rate this feed 1 starRate this feed 2 starRate this feed 3 starRate this feed 4 starRate this feed 5 star

Comments (0)

Feed Details and Statistics Feed Statistics
Preview: Nmap Development

Nmap Development

Unmoderated technical development forum for debating ideas, patches, and suggestions regarding proposed changes to Nmap and related projects. Subscribe here.

Published: Sun, 18 Feb 2018 00:45:04 GMT

Last Build Date: Sun, 18 Feb 2018 00:45:04 GMT


[Crash report] utf8 codec

Sun, 18 Feb 2018 00:43:36 GMT

Posted by Hoang Manh Ngoc on Feb 17

Hi Nmap Team,

I am using Zenmap. When I enter unicode character accidently in Search
scans dialog, program crash (I want to type 'ras' but in my language it
becomes 'rá').

Here is the crash report:

Version: 7.60
Traceback (most recent call last):
File "zenmapGUI\SearchGUI.pyo", line 488, in update_search_entry
File "zenmapGUI\SearchGUI.pyo", line 510, in start_search

Re: nmap does not list ciphers consistently

Sun, 18 Feb 2018 00:42:35 GMT

Posted by nayakani on Feb 17

Hi Daniel, It seems nmap behavior is different on Mac OS vs Windows OS. As per a test done on a Windows following nmap
command with "min/max rtt timeout value of 10sec" does consistency list the Ciphers.

What would be the logic behind it why RTT of 10 sec on direct attach would make any difference. Is is any delayed
response from the target IP which was causing possible failure ? Why is this so sensitive in Windows?


Fixing traceroute results over PPP connections

Sun, 18 Feb 2018 00:42:09 GMT

Posted by Gerardo García Peña on Feb 17


I have made the following PR on github:

I only have introduced a little exception, but if you feel that it needs
more fine tuning I would try to do my best for improving this patch.


The PR text:

I have observed that traceroute tasks are completely ignored when they are
executed through a PPP connection.

Having following configuration (a standard PPPoE home configuration):

$ ifconfig...

Re: nmap does not list ciphers consistently

Wed, 14 Feb 2018 03:11:56 GMT

Posted by Daniel Miller on Feb 13


Are you using the same version of Nmap on both Mac and Windows? The current
version of the script uses Nmap's discovered timeout value (about .2
seconds in your case) plus 5 seconds. This ought to be very generous for
the initial TCP connection, and we thought it was sufficient for the
subsequent TLS handshake. Nmap 6.47 and earlier used a static 5-second
timeout, which is close enough to be the same in your case.


Recent changes to -sV and softmatches

Tue, 13 Feb 2018 05:52:37 GMT

Posted by Daniel Miller on Feb 12

Hi, Nmap devs and users!

Recently, I pushed a series of 3 changes that update the way Nmap does
service and application version detection. Hopefully, these will result in
better detection of services on unusual ports as well as speed up detection
of some services on very common ports. The full documentation for version
detection, including a description of the softmatch mechanism is in Nmap
Network Scanning chapter 7 [1].

First, r37130 aligns...


Wed, 07 Feb 2018 22:05:56 GMT

Posted by Joey DeFrancesco on Feb 07


I am attempting to cross-compile nmap-7.60 for QNX(ARM arch) (or any
version for that matter). And I keep running into some sort of issue or
another. One primary issue I believe has to do with the management of
and conflicting in quite a few files.

For example I have had to deal a lot of errors such as these:

TADIR=\"/usr/local/share/nmap\" -D_FORTIFY_SOURCE=2 -Vgcc_ntoarmv7le_cpp

In file...

Re: Nmap can make you more money

Tue, 06 Feb 2018 17:16:51 GMT

Posted by Jeffrey G. Gomberg on Feb 06

Why of course you’re not my good man . . .

Re: nmap does not list ciphers consistently

Tue, 06 Feb 2018 01:01:16 GMT

Posted by nnposter on Feb 05

It is possible that your scan might be exceeding the performance limit
of your target (not the network). Try slowing the scan down by adding
-T1 and probing only one port at a time. (As an example, I always use
-T1 or -T2 when running nmap scripts against IoT devices.)

Another possibility is that the target does not handle concurrent access
in general, either due to its technical limitations or some defensive
rate-limiting control.


Re: Nmap can make you more money

Tue, 06 Feb 2018 00:44:32 GMT

Posted by Jeffrey G. Gomberg on Feb 05

Probably bundled with xCoin mining code.

Re: Nmap can make you more money

Tue, 06 Feb 2018 00:40:34 GMT

Posted by Fyodor on Feb 05

Thanks for your offer (not really), but the Nmap Project would never betray
the trust of our users by bundling crapware like Luminati with our free
network scanning software.


Nmap can make you more money

Tue, 06 Feb 2018 00:34:44 GMT

Posted by lior on Feb 05


My name is Lior and I'd like to offer you a new way to make money off your
The Luminati SDK provides your users the option to use your software for
free by contributing to the Luminati proxy network.

We will pay you $3,000 USD a month for every 100K daily active users.
No collection of users' data, no disruption of user experience.

I'd like to schedule a 15 minute call to let you know how we can start. Are

NSE Script

Tue, 06 Feb 2018 00:06:08 GMT

Posted by Moses Hernandez on Feb 05

PR #1125 will allow individuals to locate the presence of WebVPN for Cisco SSL VPN’s in their environment or perimeter.
This would help identify potentially Cisco ASA Firewalls but other devices can have webvpn enabled as well.


Re: nmap does not list ciphers consistently

Tue, 06 Feb 2018 00:05:53 GMT

Posted by NAYAK, ANIL KUMAR on Feb 05

Thanks Daniel,

Please find below test result where nmap faild to list the ciphers
under port 5989/8443. I would like to
re-iterate , multiple tests results shows differnet results, The
superset of the result does list the desired
ciphers at port 443/8443 & 5989. Results are similar whether it is
ports are switch attached or direct attached.

nmap -d --script +ssl-enum-ciphers

Starting Nmap 7.60 (...

[NSE][GH#1129] Dot-related inconsistencies in url.absolute()

Sun, 04 Feb 2018 03:35:16 GMT

Posted by nnposter on Feb 03

Forwarding GH#1129 to the dev list for soliciting opinions.

NSE function url.absolute() is not always returning results according to
RFC 3986 when . or .. are involved.


Nmap Project taking the year off for GSoC 2018

Tue, 23 Jan 2018 18:18:36 GMT

Posted by Fyodor on Jan 23

Hi folks! The Google Summer of Code program has been wonderful for the
Nmap Project and we have participated in all 13 years as described at That being said, we have decided to take 2018 off so
we can focus on some larger Nmap projects. We find GSoC more suitable for
smaller tasks because of its short duration by new student developers.

For this reason, Nmap won't be applying for the 2018 program (org