Releases: zmap/zmap
v4.1.0-RC-4
This bug release version contains a fix for a breaking bug that would cause the receive thread to become stuck processing a TCP SYN scan packet if it came back with a malformed TCP option. This would happen randomly, but almost always within 100k-100M random hosts scanned.
v4.1.0-RC-3
ZMap v4.1.0-RC2
This release contains several bug fixes found since tagging v4.1.0-RC1:
- Inaccurate estimated time remaining and percentage complete calculations during a multi-port scan
- Fixed building from source on MidnightBSD
- Fixed hitrate calculation with multiple
--probespackets per target
ZMap v4.1.0-RC1
This release has several performance improvements and many bug fixes for various reported issues. We'll push this to the various OS package managers in about a month barring any reported issues!
Changes
- Randomize the IP packet ID to prevent fingerprinting of scan traffic
- Add support for Netmap to increase performance on supported NIC's w/ the requisite drivers
- Add hardware acceleration for AES to improve performance when the CPU begins to become the bottleneck
- Added integration tests and compilation checks for supported OS's as Github Actions
- Added
--probe-argsoptions to theTCP SYNscan module to send TCP header options identical to Ubuntu (default), MacOS, Windows, or No Options. - Various other bug fixes and enhancements
Thanks to everyone who helped contribute features towards this release!
cc: @droe @WangYihang @gutjuri @zakird
Contributors
Assets 2
ZMap 4.0.0 RC1
ZMap 4.0.0 (RC1) introduces the notion of multi-port scanning, which has been a long requested feature. This is a breaking change since ZMap now operates on a metric of (ip,port) target instead of simply IP (e.g., for scan rate). It also introduces new dependencies (e.g., libjudy) to support multi-port scanning and changes ZMap's command-line interface.
Features:
- Multi-port scanning support
- Store link-layer timestamp in
icmp_echo_timemodule (#726) - Build support for ARM-based Macs
ZMap 3.0.0
We're happy to provide ZMap 3.0.0, only slightly under six years late. We recommend using this release over any previous 2.x release.
ZMap 3.0.0 represents several years of development and contains more than a hundred small bug fixes from ZMap 2.1.1., including many fixes for UDP modules, sharding, and progress calculation. Below, are some of the most important changes:
Bugs:
- Fix send rate calculations
- Accept RST packets for SEQ+0 (per RFC)
- Packets per second is packets per second now instead of IPs per second
- MaxResults is now the number of packets that pass the output filter (#502)
- Try all routing tables in Linux
- Fix crash on invalid UDP packets
- Fix failed initialize on single-question DNS probes
- Fix inaccurate blocklist warning
- Use monotonic OS clocks for monitoring and rate estimation
- Fix bugs in UDP template arguments
- Increase UDP PCAP snaplen to prevent packet truncation
- Exit on failed sends
- Fix incorrect time remaining calculations on sharded scans
Features:
- Added --list-of-ips feature which allows scanning a large number (e.g., hundreds of millions or billons) of individual IPS
- Improved user messages when network settings can't be automatically discovered
- Consistent ICMP support and handling across all probe modules (#470)
- Set TCP MSS flags to avoid filtering by destination hosts (#673)
- Sane default behavior that can be explained with other CLI flags
- Non-Flat Result output and JSON result encoding
- IP Fragment Checking
- DNS, TCP SYN-ACK, and Bacnet Probe Module
- Change Whitelist/Blacklist terms to Allowlist/Blocklist
- Add extended validation bytes for probe modules that can use greater entropy
- Support non-continuous source IP's (#516)
- Add NetBSD and DragonFly BSD compatibility code (#411)
- Improved ICMP validation based on returned packet (#419)
Removed Functionality:
- Drop Redis and MongoDB support (#661)
ZMap 3.0.0 RC2
Fix bug in monitor.c that incorrectly reported time remaining.
ZMap 3.0.0 RC1
Fixes for bugs found in 3.0.0 Beta 1, mostly centering around the UDP module.
- Fix crash on invalid UDP packets
- Fix failed initialize on single-question DNS probes
- Fix inaccurate blocklist warning
- Use monotonic OS clocks for monitoring and rate estimation
- Fix bugs in UDP template arguments
- Increase UDP PCAP snaplen to prevent packet truncation
- Exit on failed sends
ZMap 3.0.0 Major Release (Beta 1)
ZMap 3.0.0 represents several years of development and contains more than a
hundred small bug fixes from ZMap 2.1.1. Below, are some of the most
important changes:
Bugs:
- Fix send rate calculations
- Fixed support for PF_RING
- Accept RST packets for SEQ+0 (per RFC)
- Packets per second is packets per second now instead of IPs per second
- MaxResults is now the number of packets that pass the output filter (#502)
- Try all routing tables in Linux
Features:
- Added --list-of-ips feature which allows scanning a large number (e.g., hundreds of millions or billons) of individual IPS
- Improved user messages when network settings can't be automatically discovered
- Consistent ICMP support and handling across all probe modules (#470)
- Set TCP MSS flags to avoid filtering by destination hosts (#673)
- Sane default behavior that can be explained with other CLI flags
- Non-Flat Result output and JSON result encoding
- IP Fragment Checking
- DNS, TCP SYN-ACK, and Bacnet Probe Module
- Change Whitelist/Blacklist terms to Allowlist/Blocklist
- Add extended validation bytes for probe modules that can use greater entropy
- Support non-continuous source IP's (#516)
- Add NetBSD and DragonFly BSD compatibility code (#411)
- Improved ICMP validation based on returned backet (#419)
Removed Functionality:
- Drop Redis and MongoDB support (#661)