The release of Nmap 7.93 network security scanner is available, designed to conduct a network audit and identify active network services. The issue was formed on the day of the 25th anniversary of the project. It is noted that over the years the project has evolved from a conceptual port scanner, published in 1997 in Phrack magazine, into a full-featured application for analyzing network security and determining the server applications used. The release mainly includes fixes and improvements aimed at improving stability and resolving known issues before starting work on a new significant branch of Nmap 8.
Major changes:
- Updated to version 1.71 is the Npcap library used for capturing and substituting packets on the Windows platform. The library is developed by the Nmap project as a replacement for WinPcap, built using the modern Windows API NDIS 6 LWF and demonstrates higher performance, security and reliability.
- A build with OpenSSL 3.0 has been provided, cleared of calls to functions deprecated in the new branch.
- Updated libraries libssh2 1.10.0, zlib 1.2.12, Lua 5.3.6, libpcap 1.10.1.
- In the NSE (Nmap Scripting Engine), which allows you to execute scripts to automate various actions with Nmap, exception and event handling has been improved, as well as the return of unused pcap sockets has been adjusted.
- Enhanced capabilities of NSE scripts dhcp-discover/broadcast-dhcp-discover (allowed to set client ID), oracle-tns-version (added detection of Oracle 19c+ releases), redis-info (fixed problems with displaying inaccurate information about connections and cluster nodes) .
- Updated signature databases to identify network applications and operating systems. Replaced legacy CPE identifiers (Common Platform Enumeration) for IIS services.
- Problems with determining routing information on the FreeBSD platform have been resolved.
- Ncat has added support for SOCKS5 proxies that return the bind address in the form of a hostname rather than an IPv4/IPv6 address.
- Fixed an issue with Linux detecting network interfaces that do not have IPv4 cores bound to them.
Source: opennet.ru