I’ve recently upgraded to nmap 5.21 on my Fedora 12 box, and it turns out that the RPMs distributed by Fyodor can’t resolve hostnames (even localhost, uname or /etc/hosts entries), apparently due to his build environment being CentOS 5.3, which has a different glibc and gethostbyname() implementation. A “fix” is to start the nscd service.

The problem seems to exist in at least the 5.00, 5.20 and 5.21 RPMs of nmap; however, ncat works fine. See the thread on the nmap-dev mailing list.

I spoke to the Fedora packager at Red Hat, and his 5.00 packages currently available via YUM don’t have the problem as they’re built on F12 machines.

Until the Fedora packages hit the repos, test builds of 5.21 without the bug can be found in the koji repo.

There’s also an interesting thread about how the Windows installers are being detected as viruses by some AV software, so they’re zero-padding some of the hex to get around it – how easily fooled AV software must be! It’s like the old trick of replacing BNE with BEQ to get around copy-protection, which we had to do at an old games company I used to work for, when we bought a company’s software but the source code was long lost.

Update: I’ve also noticed that there’s a new version 1.7.4.2 of John the Ripper, so I’ve compiled and patched that too.