Network Security Analysis Tool v 1.5 (c) 1999-2003 by Mixter

1.5 -
  * Compiling stability fixes
  * Updated timing values
  * Ping Dependence as a concept is not reliable. Disabled by default.
  * Added configure option to compile with scanning childs as lightweight pthreads to enhance performance.

1.43 -
  * Added advanced IDS evasion levels 4/5 and config options respectively
  * Added web-only configuration file (webonly.conf)

1.42 -
  * Did porting of NSAT for MAC OS X (Darwin) compatibility (Thanks infaux@cyberspace.org, jules@killall5.de)
  * Fix attribute bug in mkdir() call for non-root users

1.41 -
  * Replaced old OS fingerprinting with xprobe's ICMP/UDP OS detection
  * Added an option to put logs for each target in a separate directory
  * Fixed a major timeout issue for firewalled/unresponsive hosts
  * A few necessary bugfixes

1.32 -
  * Fixed an ugly bug with snmp community names
  * Optimized a few internal things for better speed and stability
  * New, cleaned-up Logging system (it's a class now)
  * Implemented rudimentary distributed scanning (via -A and -M switches)
  * First release as a SourceForge project

1.31 -
  * Removed private vulnerability information

1.30 -
  * An improved, private version for 2XS

1.24 -
  * Fixed segfault in snmp namelist checking
  * Fixed a few compiling warnings for newer compilers

1.23 -
  * Fixed cgi scanning for unicode URL's
  * Changed scanning output to have one including host entry per line
  * Improved bind version scanning
  * Updated internal LibMix API to latest version
  * Added scan target exclusion (-E), for more info see manpage

1.22 -
  * Added automatic library detection to configure script (editing it in the Makefiles was just too annoying).
  * A few optical improvements

1.21 -
  * Added config variables to progressindicator class.
  * Implementation of new options into scan recovery, and re-reading of NSAT config file on resuming.
  * Some more bugfixes and cosmetic changes.
  * Compiling and beta tests on OpenBSD.

1.20 -
  * BETA version.
  * Lots of tons of bugfixes.
  * Reformatted log messages and output.
  * Added verbose console status reporting, all services that are found are displayed verbosely to standard output, if in console mode.

1.199 -
  * Moved most sentences and strings to lang.h
  * Moved all compile-time configuration settings to lang.h
  * Updated manpage, etcblah.

1.198 -
  * Added command-line Vhost support
  * Added mysql, hp remotewatch, squid to services
  * Re-wrote webscanner, added IDS evasion, added CGI vulnerability list
  * Stocked up vulnerable CGIs to around 350
  * Add verbosity level report, services report, etc. on startup
  * Audited scanner to sort out dangerous scans (intrusive scans, active exploiting, scans that could cause DoS)

1.19 -
  * ALPHA version. Redesigned scanner.
  * Re-wrote SockSet class. Select call, polling, etc. improved
  * Wrote config file for nsat, added modular scanning
  * Services to scan can be selected individually in the configuration
  * Added old-style verbosity level emulation mode
  * Added scan verbosity levels for most services

1.14 -
  * Implemented Libmix++ functions
  * Rewrote RPC logging and formatting (service list, vuln entries)
  * Rewrote port logging (port list, vuln/backdoor entries)
  * Fixed some bugs that created zero size log files
  * Upgraded ADMsmb to v 0.2 (still doesn't run on solaris, oh well)
  * Wrote configure file, config.h.in, Makefiles, etc. for portability
  * Rewrote backdoor scanning in conjunction with portscanning

1.13 -
  * STUPID socket/connection handling bugs fixed
  * makefiles re-organized for faster compiling
  * added anonymous ftp logging
  * implemented FD_SETSIZE macros, fdmax(), writing to /proc, setrlimit, and other performance stuff

1.12 -
  * Detects Cisco vulnerabilities
  * Now detects 181 vulnerable CGI scripts
  * Vulnerability and risk information updated
  * Catch SEGV/SEGBUS caused by faulty siglongjmp and sigsetjmp functions (solution by guidob@synnergy.net)
  * Y2K bug fix for web scanning pattern matching function

1.11 -
  * Now also compiles on BSD and other systems
  * Detects sendmail 8.9 remote vulnerability
  * Detects trinoo (DoS) master servers
  * Advisories updated

1.10 -
  * Handful of new serious CGI holes added to www auditing
  * Detects new RPC vulnerabilities, can do complete rpc service dump
  * Fixed ugly bug with select, oh oh ;x
  * Sendmail scanning improved / more reliable

1.09 -
  * will now make sure all scanning processes are finished before exiting (preventing incomplete scans)
  * OS scanning fixed/tweaked, some prints added

1.08 -
  * xnsat GUI redesign
  * added 2 new -v scanning levels
  * redid the webscan procedure and updated to 170 cgis

1.07 -
  * added -l process lifetime option
  * webscan was not working due to a silly bug
  * fixed segfaults that were results of the object pointer 'this' being overwritten

1.06 -
  * fixed pid allocation threads (exit instead of return produces deadlocks)
  * fixed a *cough cough* buffer overflow in progress.C
  * updated jumps to properly restore signal actions

1.05 -
  * changed service scanning order for performance enhancement
  * improved file descriptor handling

1.04 - First beta release