
Wikipedia Will Go Dark (Blackout) While Protesting Against SOPA/PIPA


Not only Anonymous and The White House, but also the Wikipedia community has decided to black out (go dark) the English version of Wikipedia for 24 hours in protest against proposed legislation in the United States: the Stop Online Piracy Act (SOPA) in the U.S. House of Representatives, and PROTECTIP (PIPA) in the U.S. Senate. Wikipedia said that if the bills are passed, "this legislation will harm the free and open Internet and bring about new tools for censorship of international websites inside the United States."

In A Public Statement Wikipedia Said:- 
"Over the course of the past 72 hours, over 1800 Wikipedians have joined together to discuss proposed actions that the community might wish to take against SOPA and PIPA. This is by far the largest level of participation in a community discussion ever seen on Wikipedia, which illustrates the level of concern that Wikipedians feel about this proposed legislation. The overwhelming majority of participants support community action to encourage greater public action in response to these two bills. Of the proposals considered by Wikipedians, those that would result in a "blackout" of the English Wikipedia, in concert with similar blackouts on other websites opposed to SOPA and PIPA, received the strongest support.
“Today Wikipedians from around the world have spoken about their opposition to this destructive legislation," said Jimmy Wales, founder of Wikipedia. "This is an extraordinary action for our community to take - and while we regret having to prevent the world from having access to Wikipedia for even a second, we simply cannot ignore the fact that SOPA and PIPA endanger free speech both in the United States and abroad, and set a frightening precedent of Internet censorship for the world."
We urge Wikipedia readers to make your voices heard. If you live in the United States, find your elected representative in Washington (https://www.eff.org/sopacall). If you live outside the United States, contact your State Department, Ministry of Foreign Affairs or similar branch of government. Tell them you oppose SOPA and PIPA, and want the internet to remain open and free."

The announcement follows a tweet by Wikipedia founder Jimmy Wales in which he said "Wikipedia protesting bad law on Wednesday!" The proposed legislation in question is the Stop Online Piracy Act (SOPA), also known as House Bill 3261 or H.R. 3261, and the PROTECT IP Act (Preventing Real Online Threats to Economic Creativity and Theft of Intellectual Property Act of 2011), aka Senate Bill 968 or S. 968. This legislation is intended to prevent online piracy, but those opposing the proposals believe that the legislation will be used to censor the internet and endanger free speech. In an open letter, Wikimedia Foundation Executive Director Sue Gardner said that, if passed, the proposed laws "would seriously damage the free and open Internet, including Wikipedia".



-Source (The-H)




Wikipedia Will Go Dark (Blackout) in Russia to Protest Censorship (Act for Information)


About six months ago, Wikipedia went offline (went dark) globally for 24 hours in a massive Web protest in the U.S. over the proposed anti-piracy laws SOPA and PIPA. Now it is stepping up again in a major Internet revolt against online censorship in Russia. According to sources, the Russian government is currently exploring amendments to the “Act for information”. The proposed changes to the law could lead to sweeping censorship of the Internet, including the complete closure of Wikipedia in Russia.
In addition to the proposed amendments to the "Act for Information," the government is also mulling over another bill that harkens back to the country's Soviet past with harsh censorship crackdowns. Under the draft bill, all Web sites that contain pornography or drug references, or that promote suicide or other "extremist ideas," will purportedly face blacklisting. These new laws come in the wake of an online uprising that happened before the inauguration of Russian President Vladimir Putin in May. During these protests, thousands of people took to writing on blogs and social networks demanding a new ballot after claims of rigged votes and electoral corruption during Putin's election.
Wikipedia posted a statement in Russian and is asking for everyone’s help by sharing this link and spreading the word about what’s going on. The amendments are being read today, and if they’re accepted then a date will be chosen that could, in essence, wipe Wikipedia off of the Internet in Russia.

Message of Wikipedia to the World:- 
"Lobbyists and activists supporting the amendments, argue that they are directed exclusively against the content such as child pornography "and things like that," but to follow the provisions and wording to be discussed, will result in the creation of a Russian analogue of the "Great Chinese Firewall." The practice of law, which exists in Russia, says a high probability of worst-case scenario, in which access to Wikipedia was soon to be closed across the country."


-Source (Insider & Cnet)






Wikipedia Released Their Official Application For Android


Today Wikipedia announced the availability of their official Wikipedia Application for Google's open source Android mobile operating system also known as Android 4.0, Ice Cream Sandwich (ICS). With the new app for the online encyclopedia users can search the entire Wikipedia site as well as find articles for nearby points of interest. Articles can be saved to a user's device for offline viewing or shared using the Android "Share" function, allowing users to send an article via, for example, email or text message. Previously Wikipedia released their official application "Wikipedia Mobile" for iTunes App Store, iOS devices like the iPhone. 
The official Wikipedia app for Android is available to download from the Android Market and requires Android 2.2 "Froyo" or later.  





Anonymous Targets Australian Govt Sites Over Internet Privacy Laws

Anonymous Targets Australian Govt Sites Over Changes in Internet Privacy Laws

The Australian Government has become the latest victim of the international hacker collective Anonymous. At least 10 of the country's government websites were sent offline in a series of attacks over proposed changes to Internet privacy laws. The first attacks were conducted in conjunction with Prime Minister Julia Gillard's online Q&A session this weekend, Anonymous. So far, the only targeted sites are run by the Queensland State Government.
Site List:- 


If an Australian online security bill gets passed into law, it could require ISPs to store user activity for a period of two years, allowing Web users' every online move to be watched by the government.
In response, the Australian arm of Anonymous threatened to continue its attacks on ".gov.au" sites until the bill is halted.
Anonymous said the sites were specifically chosen because the group had “proof” that small to medium businesses, education departments, student and personal accounts had been tracked by the State Government. “The Australian Government is attempting to strip away its citizens’ internet rights by forcing them to surrender passwords and internet usage data,” Anonymous Australia said via email. “Unless the Government starts acting in the best interest of its people, it will continue to bring the noise.” The hackers said the attacks were in response to changes being discussed by the Parliamentary Joint Committee on Intelligence and Security (PJCIS).
Anonymous confirmed that its actions were a response not only to the Internet privacy changes but also to recent denials of Australian-born WikiLeaks founder Julian Assange's extradition.
A Department of Defence spokesperson said the department was aware of the reports of Australian attacks but did not publicly comment or discuss details of cyber incidents. "Defence, through the Cyber Security Operations Centre, works with affected government agencies, as required, to help mitigate threats to information security," the spokesperson said. A spokesperson for Federal Attorney-General Nicola Roxon said it was critical Australia's national security capability could keep up with technology and global security. "We must always stay a step ahead of terrorists, cyber criminals and organised criminals who threaten our national security," the spokesperson said.
This is not the first time: the world has earlier seen several protests from all over the world against Internet censorship. In the case of SOPA, PIPA & ACTA, hackers from different parts of the world launched massive cyber attacks. Even Wikipedia went dark for 24 hrs.








Apple Brings iOS 7.0.4 [Includes New Features, FaceTime Bug & App Store Purchase Flaw Fixed]

Apple Brings iOS 7.0.4 & iOS 6.1.5 [Includes New Features, FaceTime Bug & App Store Purchase Flaw Fixed]


California-based tech giant Apple Inc has released a new update for its popular iOS software running on iPhone, iPad, and iPod touch devices. This release of iOS 7.0.4 includes bug fixes and improvements, including a fix for an issue that causes FaceTime calls to fail for some users. iPods that are not able to upgrade to iOS 7 have their own version to upgrade to, iOS 6.1.5. The release of iOS 7.0.4 marks the third update of the iPhone operating system in the short time since Apple pushed out iOS 7 in September. The new OS represented a major change from the older operating systems, both in the look and feel of the software and in its functionality. There’s much zooming in and out and all about in iOS 7, as well as a blurry background that has drawn quite a bit of criticism. iOS 7 also was a major security release, fixing issues with the iPhone’s certificate trust policy as well as remote code-execution vulnerabilities in the CoreGraphics and CoreMedia components.

The new update improves iCloud Keychain, which was introduced in iOS 7.0.3, and the latest version of the desktop software, OS X Mavericks. The cloud-based technology keeps the Safari browser's passwords and credit card data in sync across all your Apple devices. Secondly, in Spotlight, the device's internal search engine, Apple has brought back the ability to search Google and Wikipedia from the results. The two services were removed when iOS 7 was first released in mid-September. 
Also on Thursday, Apple released a corresponding update to its Apple TV, updating the set-top box to version 6.0.2. Users can update to the latest version by accessing the device's Settings, selecting General, then Software Update. In spite of the relatively small size of the update, it's recommended that users use Wi-Fi when updating. To avoid security vulnerabilities, all Apple users are strongly recommended to update their software.



-Source (Apple, ZDNet & Threat Post)






SQL vulnerability Found in Hizb-ul-Mujahideen's Media website



SQL vulnerability Found in Pakistani Terrorist Group Hizb-ul-Mujahideen's Media website by Minhal Mehdi


Vulnerable Site:-
http://www.hizbmedia.com/


Vulnerable Link:-
 http://www.hizbmedia.com/index.php?q=node&vid=1&nid=1524%27


About  Hizb-ul-Mujahideen  :- http://en.wikipedia.org/wiki/Hizbul_Mujahideen


#opSOTU By Anonymous To Oppose Executive Cyber Security Order (The Revised CISPA)


Last year the Internet and its trillion users across the globe faced several barriers when a number of approaches from the Senate and government, along with a few corporations and other organizations, aimed to make the entire Internet censored. To pursue this motive they introduced a number of regulations and acts such as SOPA, PIPA, CISPA & ACTA. But implementing those enactments was not that easy, as a huge number of organizations (including the White House, Wikipedia & so on) and billions of people stood against those controversial acts, and as expected those acts were rolled back. That said, the protest might not have fully succeeded if hackers around the globe had not taken part in it. It was the hacker communities who forced the government to roll back those rules. But the victory was not that easy to achieve, as the President of the U.S. appeared before a joint session of Congress to deliver the State of the Union Address, and he plans to sign an executive order for cyber-security as the House Intelligence committee reintroduces the defeated CISPA act, which turns private companies into government informants. As soon as the declaration of the executive order for cyber-security came, protest followed immediately. Hacktivist group Anonymous yet again stood against the controversial CISPA and called an operation dubbed Operation SOTU (#opSOTU). In the campaign, the hacker group states a clear intent to obstruct Internet broadcasts of the president's State of the Union address, an action the group justifies by pointing to renewed interest in Congress to pass the Cybersecurity Intelligence Sharing and Protection Act (CISPA), a measure Anonymous has long opposed.

Press Release of Anonymous (#opSOTU):- 
Citizens of the Internet,
Last year we faced our greatest threat from lawmakers. We faced down SOPA, PIPA, CISPA and ACTA.

And we won!

But that victory did not come easily. Nor did it come without a price.

Aaron Swartz was one of the leading voices in the fight against these idiotic and destructive efforts to control the last free space on Earth.

Aaron Swartz was persecuted. Now Aaron Swartz is dead.
Tonight, the President of the United States will appear before a joint session of Congress to deliver the State of the Union Address and tomorrow he plans to sign an executive order for cyber-security as the House Intelligence committee reintroduces the defeated CISPA act which turns private companies into government informants.

He will not be covering the NDAA, an act of outright tyrannical legislation allowing for indefinite detention of citizens completely outside due process and the rule of law. In fact, lawyers for the government have point-blank refused to state whether or not journalists who cover stories or groups the Government disfavors would be subject to this detention.

He will not be covering the extra-judicial and unregulated justifications for targeted killings of citizens by military drones within the borders of America, or the fact that Orwellian newspeak had to be used to make words like “imminent” mean their opposite.

He will not be covering Bradley Manning, 1000 days in detention with no trial for revealing military murders, told that his motive for leaking cannot be taken into consideration, that the Government does not have room for conscience.

He will not be covering the secret interpretations of law that allow for warrant-less wiretapping and surveillance of any US citizen without probable cause of criminal acts, or the use of Catch-22 logic where no-one can complain about being snooped on because the state won’t tell you who they’re snooping on, and if you don’t know you’re being snooped on, you don’t have a right to complain.

We reject the State of the Union. We reject the authority of the President to sign arbitrary orders and bring irresponsible and damaging controls to the Internet.
The President of the United States of America, and the Joint Session of Congress will face an Army tonight.
We will form a virtual blockade between Capitol Hill and the Internet. Armed with nothing more than Lulz, Nyancat and PEW-PEW-PEW! Lazers, we will face down the largest superpower on Earth.

And we will win!

There will be no State of the Union Address on the web tonight.

For freedom, for Aaron Swartz, for the Internet, and of course, for the lulz.

We Are Anonymous,
We Are Legion,
We Do Not forgive,
We Do Not forget,
Expect Us.

..."

But unlike last year, this time the approach of CISPA is more organized, as not only Congress is involved but the White House will also unveil President Barack Obama's long-awaited executive order on cyber security. So to stand against such an organized and well-planned act, the protesters need to be more decent and more united. As we all want and prefer freedom and privacy in our personal lives as well as on the Internet, we will fight and expect to win. So stay tuned with VOGH, and let's see what is coming for us.





US Congress Postponed SOPA & PIPA Bills


#Blackout Protest against SOPA really works and the result is now in front of us. The US Congress has halted debate on two contested anti-online piracy bills. In a statement Senate Majority Leader Harry Reid said "In light of recent events, I have decided to postpone Tuesday's vote on the PROTECT IP Act,"

Chairman Smith: “I have heard from the critics and I take seriously their concerns regarding proposed legislation to address the problem of online piracy. It is clear that we need to revisit the approach on how best to address the problem of foreign thieves that steal and sell American inventions and products. The problem of online piracy is too big to ignore. American intellectual property industries provide 19 million high-paying jobs and account for more than 60 percent of U.S. exports. The theft of America’s intellectual property costs the U.S. economy more than $100 billion annually and results in the loss of thousands of American jobs.  Congress cannot stand by and do nothing while American innovators and job creators are under attack."

In fact, they were forced to take this decision because the public did not welcome these acts at all. Not only Anonymous but also Wikipedia, The White House and many other sites opposed seeing a 'censored web'. So the US Congress was forced to delay those two controversial bills. This is indeed a big win for those who stood against SOPA/PIPA.




Wikileaks v The Pentagon – WAR on the Internet

 
Rap News resumes its lyrical forays into the world of rhyme and reason, exploring the importance of the Internets. Robert Foster casts a critical rhyme over Senator Joe (Lie)berman’s proposed bill to shut down the world-wide-web in case of “an emergency”. But – most importantly – we discuss something else which has been leaking even more profusely than a BP oil well. An organisation of ultra-inspiring infectively-courageous cybernauts – aka Wikileaks – has been taking on the Fistagon and giving that slumbering Fourth Estate a much-needed kick in the arse, reminding us how important the internet is as a tool for open information and for holding corrupt government to account. What is Wikileaks? Who is Julian Assange? And why is it so important that we know what’s happening right now? Find out with your charming host, Robert Foster. **Episode dedicated to Mama Wolf – happy birthday!** Find out more about: Wikileaks: wikileaks.ch Lieberman on CNN www.youtube.com ‘Protecting Cyberspace as a National Asset Act’: en.wikipedia.org Wikileaks leaked video – ‘Collateral Murder’: www.youtube.com Julian Assange – talking about Wikileaks: www.youtube.com For Australians: prevent internet censorship here at home: nocleanfeed.com Download MP3 and Lyrics and find out more: website: thejuicemedia.com http www.facebook.com www.reverbnation.com


London is Hosting Major International Cyber-Security Conference


London is hosting a major international conference on the threat from cybersecurity attacks. Representatives of 60 nations are gathering to discuss how to tackle the rising levels of cybercrime. Foreign Secretary William Hague convened the London Conference on Cyberspace, and urged a "global co-ordinated response" on policy.
However, Wikipedia founder, Jimmy Wales, warned that ill-advised interventions posed their own risks. The event comes a day after intelligence agency GCHQ warned that cyberattacks on the UK were at "disturbing" levels.
Experts attending the two-day conference include EU digital supremo Neelie Kroes, Cisco's vice-president Brad Boston and Joanna Shields, a senior executive at Facebook. US Secretary of State Hillary Clinton had been due to attend, but cancelled the trip on Monday night after her 92-year-old mother fell ill. Mr Hague led the opening session. "We want to widen the pool of nations and cyberusers that agree with us about the need for norms of behaviour, and who want to seek a future cyberspace based on opportunity, freedom, innovation, human rights and partnership, between government, civil society and the private sector," he said. However Mr Wales, who also took part in the first event, urged caution. "The biggest threat to the internet is not cybercriminals, but misguided or overreaching government policy," he said.
Prime Minister David Cameron appeared to agree that politicians should resist the temptation to be heavy-handed. "Governments must not use cyber security as an excuse for censorship," he said.




Nmap 5.59 BETA1 (With 40 new NSE scripts)



Nmap 5.59 BETA1 released. This version includes 40 new NSE scripts (plus improvements to many others), even more IPv6 goodness than the informal World IPv6 Day release, 7 new NSE protocol libraries and hundreds of bug fixes! This release also expands and improves IPv6 support!

o [NSE] Added 40 scripts, bringing the total to 217!  You can learn
 more about any of them at http://nmap.org/nsedoc/. Here are the new
 ones (authors listed in brackets):

 + afp-ls: Lists files and their attributes from Apple Filing
   Protocol (AFP) volumes. [Patrik Karlsson]

 + backorifice-brute: Performs brute force password auditing against
   the BackOrifice remote administration (trojan) service. [Gorjan
   Petrovski]

 + backorifice-info: Connects to a BackOrifice service and gathers
   information about the host and the BackOrifice service
   itself. [Gorjan Petrovski]

 + broadcast-avahi-dos: Attempts to discover hosts in the local
   network using the DNS Service Discovery protocol, then tests
   whether each host is vulnerable to the Avahi NULL UDP packet
   denial of service bug (CVE-2011-1002). [Djalal Harouni]

 + broadcast-netbios-master-browser: Attempts to discover master
   browsers and the Windows domains they manage. [Patrik Karlsson]

 + broadcast-novell-locate: Attempts to use the Service Location
   Protocol to discover Novell NetWare Core Protocol (NCP)
   servers. [Patrik Karlsson]

 + creds-summary: Lists all discovered credentials (e.g. from brute
   force and default password checking scripts) at end of scan.
   [Patrik Karlsson]

 + dns-brute: Attempts to enumerate DNS hostnames by brute force
   guessing of common subdomains. [Cirrus]

 + dns-nsec-enum: Attempts to discover target hosts' services using
   the DNS Service Discovery protocol. [Patrik Karlsson]

 + dpap-brute: Performs brute force password auditing against an
   iPhoto Library. [Patrik Karlsson]

 + epmd-info: Connects to Erlang Port Mapper Daemon (epmd) and
   retrieves a list of nodes with their respective port
   numbers. [Toni Ruottu]

 + http-affiliate-id: Grabs affiliate network IDs (e.g. Google
   AdSense or Analytics, Amazon Associates, etc.) from a web
   page. These can be used to identify pages with the same
   owner. [Hani Benhabiles, Daniel Miller]

 + http-barracuda-dir-traversal: Attempts to retrieve the
   configuration settings from a Barracuda Networks Spam & Virus
   Firewall device using the directory traversal vulnerability
   described at
   http://seclists.org/fulldisclosure/2010/Oct/119. [Brendan Coles]

 + http-cakephp-version: Obtains the CakePHP version of a web
   application built with the CakePHP framework by fingerprinting
   default files shipped with the CakePHP framework. [Paulino
   Calderon]

 + http-majordomo2-dir-traversal: Exploits a directory traversal
   vulnerability existing in the Majordomo2 mailing list manager to
   retrieve remote files. (CVE-2011-0049). [Paulino Calderon]

 + http-wp-plugins: Tries to obtain a list of installed WordPress
   plugins by brute force testing for known plugins. [Ange Gutek]

 + ip-geolocation-geobytes: Tries to identify the physical location
   of an IP address using the Geobytes geolocation web service
   (http://www.geobytes.com/iplocator.htm). [Gorjan Petrovski]

 + ip-geolocation-geoplugin: Tries to identify the physical location
   of an IP address using the Geoplugin geolocation web service
   (http://www.geoplugin.com/). [Gorjan Petrovski]

 + ip-geolocation-ipinfodb: Tries to identify the physical location
   of an IP address using the IPInfoDB geolocation web service
   (http://ipinfodb.com/ip_location_api.php). [Gorjan Petrovski]

 + ip-geolocation-maxmind: Tries to identify the physical location of
   an IP address using a Geolocation Maxmind database file (available
   from http://www.maxmind.com/app/ip-location). [Gorjan Petrovski]

 + ldap-novell-getpass: Attempts to retrieve the Novell Universal
   Password for a user. You must already have (and include in script
   arguments) the username and password for an eDirectory server
   administrative account. [Patrik Karlsson]

 + mac-geolocation: Looks up geolocation information for BSSID (MAC)
   addresses of WiFi access points in the Google geolocation
   database. [Gorjan Petrovski]

 + mysql-audit: Audit MySQL database server security configuration
   against parts of the CIS MySQL v1.0.2 benchmark (the engine can
   also be used for other MySQL audits by creating appropriate audit
   files).  [Patrik Karlsson]

 + ncp-enum-users: Retrieves a list of all eDirectory users from the
   Novell NetWare Core Protocol (NCP) service. [Patrik Karlsson]

 + ncp-serverinfo: Retrieves eDirectory server information (OS
   version, server name, mounts, etc.) from the Novell NetWare Core
   Protocol (NCP) service. [Patrik Karlsson]

 + nping-brute: Performs brute force password auditing against an
   Nping Echo service. [Toni Ruottu]

 + omp2-brute: Performs brute force password auditing against the
   OpenVAS manager using OMPv2. [Henri Doreau]

 + omp2-enum-targets: Attempts to retrieve the list of target systems
   and networks from an OpenVAS Manager server. [Henri Doreau]

 + ovs-agent-version: Detects the version of an Oracle OVSAgentServer
   by fingerprinting responses to an HTTP GET request and an XML-RPC
   method call. [David Fifield]

 + quake3-master-getservers: Queries Quake3-style master servers for
   game servers (many games other than Quake 3 use this same
   protocol). [Toni Ruottu]

 + servicetags: Attempts to extract system information (OS, hardware,
   etc.) from the Sun Service Tags service agent (UDP port
   6481). [Matthew Flanagan]

 + sip-brute: Performs brute force password auditing against Session
   Initiation Protocol (SIP -
   http://en.wikipedia.org/wiki/Session_Initiation_Protocol)
   accounts.  This protocol is most commonly associated with VoIP
   sessions. [Patrik Karlsson]

 + sip-enum-users: Attempts to enumerate valid SIP user accounts.
   Currently only the SIP server Asterisk is supported. [Patrik
   Karlsson]

 + smb-mbenum: Queries information managed by the Windows Master
   Browser. [Patrik Karlsson]

 + smtp-vuln-cve2010-4344: Checks for and/or exploits a heap overflow
   within versions of Exim prior to version 4.69 (CVE-2010-4344) and
   a privilege escalation vulnerability in Exim 4.72 and prior
   (CVE-2010-4345). [Djalal Harouni]

 + smtp-vuln-cve2011-1720: Checks for a memory corruption in the
   Postfix SMTP server when it uses Cyrus SASL library authentication
   mechanisms (CVE-2011-1720).  This vulnerability can allow denial
   of service and possibly remote code execution. [Djalal Harouni]

 + snmp-ios-config: Attempts to download Cisco router IOS
   configuration files using SNMP RW (v1) and display or save
   them. [Vikas Singhal, Patrik Karlsson]

 + ssl-known-key: Checks whether the SSL certificate used by a host
   has a fingerprint that matches an included database of problematic
   keys. [Mak Kolybabi]

 + targets-sniffer: Sniffs the local network for a configurable
   amount of time (10 seconds by default) and prints discovered
   addresses. If the newtargets script argument is set, discovered
   addresses are added to the scan queue. [Nick Nikolaou]

 + xmpp: Connects to an XMPP server (port 5222) and collects server
   information such as supported auth mechanisms, compression methods
   and whether TLS is supported and mandatory. [Vasiliy Kulikov]

o Nmap has long supported IPv6 for basic (connect) port scans, basic
 host discovery, version detection, Nmap Scripting Engine.  This
 release dramatically expands and improves IPv6 support:
 + IPv6 raw packet scans (including SYN scan, UDP scan, ACK scan,
   etc.) are now supported. [David, Weilin]
 + IPv6 raw packet host discovery (IPv6 echo requests, TCP/UDP
   discovery packets, etc.) is now supported. [David, Weilin]
 + IPv6 traceroute is now supported [David]
 + IPv6 protocol scan (-sO) is now supported, including creating
   realistic headers for many protocols. [David]
 + IPv6 support to the wsdd, dnssd and upnp NSE libraries. [Daniel
   Miller, Patrik]
 + The --exclude and --excludefile now support IPV6 addresses with
   netmasks.  [Colin]

o Scanme.Nmap.Org (the system anyone is allowed to scan for testing
 purposes) is now dual-stacked (has an IPv6 address as well as IPv4)
 so you can scan it during IPv6 testing.  We also added a DNS record
 for ScanmeV6.nmap.org which is IPv6-only. See
 http://seclists.org/nmap-dev/2011/q2/428. [Fyodor]

o The Nmap.Org website as well as sister sites Insecure.Org,
 SecLists.Org, and SecTools.Org all have working IPv6 addresses now
 (dual stacked). [Fyodor]

o Nmap now determines the filesystem location it is being run from and
 that path is now included early in the search path for data files
 (such as nmap-services).  This reduces the likelihood of needing to
 specify --datadir or getting data files from a different version of
 Nmap installed on the system.  For full details, see
 http://nmap.org/book/data-files-replacing-data-files.html.  Thanks
 to Solar Designer for implementation advice. [David]

o Created a page on our SecWiki for collecting Nmap script ideas! If
 you have a good idea, post it to the incoming section of the page.
 Or if you're in a script writing mood but don't know what to write,
 come here for inspiration: https://secwiki.org/w/Nmap_Script_Ideas.

o The development pace has greatly increased because Google (again)
 sponsored a 7 full-time college and graduate student programmer
 interns this summer as part of their Summer of Code program!
 Thanks, Google Open Source Department!  We're delighted to introduce
 the team: http://seclists.org/nmap-dev/2011/q2/312

o [NSE] Added 7 new protocol libraries, bringing the total to 66.  You
 can read about them all at http://nmap.org/nsedoc/. Here are the new
 ones (authors listed in brackets):

 + creds: Handles storage and retrieval of discovered credentials
   (such as passwords discovered by brute force scripts). [Patrik
   Karlsson]

 + ncp: A tiny implementation of Novell Netware Core Protocol
   (NCP). [Patrik Karlsson]

 + omp2: OpenVAS Management Protocol (OMP) version 2 support. [Henri
   Doreau]

 + sip: Supports a limited subset of SIP commands and
   methods. [Patrik Karlsson]

 + smtp: Simple Mail Transfer Protocol (SMTP) operations. [Djalal
   Harouni]

 + srvloc: A relatively small implementation of the Service Location
   Protocol. [Patrik Karlsson]

 + tftp: Implements a minimal TFTP server. It is used in
   snmp-ios-config to obtain router config files. [Patrik Karlsson]

o Improved Nmap's service/version detection database by adding:
 + Apple iPhoto (DPAP) protocol probe [Patrik]
 + Zend Java Bridge probe [Michael Schierl]
 + BackOrifice probe [Gorjan Petrovski]
 + GKrellM probe [Toni Ruotto]
 + Signature improvements for a wide variety of services (we now have
   7,375 signatures)

o [NSE] ssh-hostkey now additionally has a postrule that prints hosts
 found during the scan which share the same hostkey. [Henri Doreau]

o [NSE] Added 300+ new signatures to http-enum which look for admin
 directories, JBoss, Tomcat, TikiWiki, Majordomo2, MS SQL, WordPress,
 and more. [Paulino]

o Made the final IP address space assignment update as all available
 IPv4 address blocks have now been allocated to the regional
 registries.  Our random IP generation (-iR) logic now only excludes
 the various reserved blocks.  Thanks to Kris for years of regular
 updates to this function!

o [NSE] Replaced http-trace with a new more effective version. [Paulino]

o Performed some output cleanup work to remove unimportant status
 lines so that it is easier to find the good stuff! [David]

o [Zenmap] now properly kills Nmap scan subprocess when you cancel a
 scan or quit Zenmap on Windows. [Shinnok]

o [NSE] Banned scripts from being in both the "default" and
 "intrusive" categories.  We did this by removing dhcp-discover and
 dns-zone-transfer from the set of scripts run by default (leaving
 them "intrusive"), and reclassifying dns-recursion, ftp-bounce,
 http-open-proxy, and socks-open-proxy as "safe" rather than
 "intrusive" (keeping them in the "default" set).

o [NSE] Added a credential storage library (creds.lua) and modified
 the brute library and scripts to make use of it. [Patrik]

o [Ncat] Created a portable version of ncat.exe that you can just drop
 onto Microsoft Windows systems without having to run any installer
 or copy over extra library files. See the Ncat page
 (http://nmap.org/ncat/) for binary downloads and a link to build
 instructions. [Shinnok]

o Fix a segmentation fault which could occur when running Nmap on
 various Android-based phones.  The problem related to NULL being
 passed to freeaddrinfo(). [David, Vlatko Kosturjak]

o [NSE] The host.bin_ip and host.bin_ip_src entries now also work with
 16-byte IPv6 addresses. [David]

o [Ncat] Updated the ca-bundle.crt list of trusted certificate
 authority certificates. [David]

o [NSE] Fixed a bug in the SMB Authentication library which could
 prevent concurrently running scripts with valid credentials from
 logging in. [Chris Woodbury]

o [NSE] Re-worked http-form-brute.nse to better autodetect form
 fields, allow brute force attempts where only the password (no
 username) is needed, follow HTTP redirects, and better detect
 incorrect login attempts. [Patrik, Daniel Miller]

o [Zenmap] Changed the "slow comprehensive scan" profile's NSE script
 selection from "all" to "default or (discovery and safe)"
 categories.  Except for testing and debugging, "--script all" is
 rarely desirable.

o [NSE] Added the stdnse.silent_require method which is used for
 library requires that you know might fail (e.g. "openssl" fails if
 Nmap was compiled without that library).  If these libraries are
 called with silent_require and fail to load, the script will cease
 running but the user won't be presented with ugly failure messages
 as would happen with a normal require. [Patrick Donnelly]

o [Ncat] ncat now listens on both localhost and ::1 when you run ncat
 -l. It works as before if you specify -4 or -6 or a specific
 address. [Colin Rice]

o [Zenmap] Fixed a bug in topology mapper which caused endpoints
 behind firewalls to sometimes show up in the wrong place (see
 http://seclists.org/nmap-dev/2011/q2/733).  [Colin Rice]

o [Zenmap] If you scan a system twice, any open ports from the first
 scan which are closed in the 2nd will be properly marked as
 closed. [Colin Rice]

o [Zenmap] Fixed an error that could cause a crash ("TypeError: an
 integer is required") if a sort column in the ports table was unset.
 [David]

o [Ndiff] Added nmaprun element information (Nmap version, scan date,
 etc.) to the diff.  Also, the Nmap banner with version number and
 data is now only printed if there were other differences in the
 scan. [Daniel Miller, David, Dr. Jesus]

o [NSE] Added nmap.get_interface and nmap.get_interface_info functions
 so scripts can access characteristics of the scanning interface.
 Removed nmap.get_interface_link. [Djalal]

o Fixed an overflow in scan elapsed time display that caused negative
 times to be printed after about 25 days. [Daniel Miller]

o Updated nmap-rpc from the master list, now maintained by IANA.
 [Daniel Miller, David]

o [Zenmap] Fixed a bug in the option parser: -sN (null scan) was
 interpreted as -sn (no port scan). This was reported by
 Shitaneddine. [David]

o [Ndiff] Fixed the Mac OS X packages to use the correct path for
 Python: /usr/bin/python instead of /opt/local/bin/python. The bug
 was reported by Wellington Castello. [David]

o Removed the -sR (RPC scan) option--it is now an alias for -sV
 (version scan), which always does RPC scan when an rpcinfo service
 is detected.

o [NSE] Improved the ms-sql scripts and library in several ways:
 - Improved version detection and server discovery
 - Added support for named pipes, integrated authentication, and
   connecting to instances by name or port
 - Improved script and library stability and documentation.
 [Patrik Karlsson, Chris Woodbury]

o [NSE] Fixed http.validate_options when handling a cookie table.
 [Sebastian Prengel]

o Added a Service Tags UDP probe for port 6481/udp. [David]

o [NSE] Enabled firewalk.nse to automatically find the gateways at
 which probes are dropped and fixed various bugs. [Henri Doreau]

o [Zenmap] Worked around a pycairo bug that prevented saving the
 topology graphic as PNG on Windows: "Error Saving Snapshot:
 Surface.write_to_png takes one argument which must be a filename
 (str), file object, or a file-like object which has a 'write' method
 (like StringIO)". The problem was reported by Alex Kah. [David]

o The -V and --version options now show the platform Nmap was compiled
 on, which features are compiled in, the version numbers of libraries
 it is linked against, and whether the libraries are the ones that
 come with Nmap or the operating system.  [Ambarisha B., David]

o Fixed some inconsistencies in nmap-os-db reported by Xavier Sudre
 from netVigilance.

o The Nmap Win32 uninstaller now properly deletes nping.exe. [Fyodor]

o [NSE] Added a shortport.ssl function which can be used as a script
 portrule to match SSL services.  It is similar in concept to our
 existing shortport.http. [David]

o Set up the RPM build to use the compat-glibc and compat-gcc-34-c++
 packages (on CentOS 5.3) to resolve a report of Nmap failing to run
 on old versions of Glibc. [David]

o We no longer support Nmap on versions of Windows earlier than XP
 SP2.  Even Microsoft no longer supports Windows versions that old.
 But if you must use Nmap on such systems anyway, please see
 https://secwiki.org/w/Nmap_On_Old_Windows_Releases.

o There were hundreds of other little bug fixes and improvements
 (especially to NSE scripts).  See the SVN logs for revisions 22,274
 through 24,460 for details.
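
The rule from the "[NSE] Banned scripts" entry above (no script in both "default" and "intrusive") and the Zenmap profile selection "default or (discovery and safe)" can be checked against a local script collection before a scan policy is approved. The following is an added example, not code from the Nmap project: the script headers are constructed samples, the example-* names are hypothetical, and it assumes scripts declare their categories on a single line of the form categories = {...}.

```python
import re

# Constructed sample headers, not copied from the Nmap distribution.
# Categories for the real script names follow the changelog entry above;
# the example-* scripts are hypothetical.
SAMPLE_SCRIPTS = {
    "dhcp-discover.nse": 'categories = {"intrusive"}',
    "dns-zone-transfer.nse": 'categories = {"intrusive"}',
    "dns-recursion.nse": 'categories = {"default", "safe"}',
    "ftp-bounce.nse": 'categories = {"default", "safe"}',
    "example-legacy.nse": 'categories = {"default", "intrusive"}',
    "example-inventory.nse": 'categories = {"discovery", "safe"}',
    "example-probe.nse": 'categories = {"discovery", "intrusive"}',
}

# Match a top-level assignment only; a Lua comment such as
# "-- categories = {...}" does not start with the keyword and is skipped.
CATEGORIES_RE = re.compile(r'^\s*categories\s*=\s*\{([^}]*)\}', re.MULTILINE)


def parse_categories(source):
    """Return the set of category names declared in a script's source."""
    match = CATEGORIES_RE.search(source)
    if not match:
        return set()
    return set(re.findall(r'["\']([\w-]+)["\']', match.group(1)))


def policy_violations(scripts):
    """Scripts that are in both "default" and "intrusive"."""
    return sorted(name for name, src in scripts.items()
                  if {"default", "intrusive"} <= parse_categories(src))


def zenmap_slow_profile(scripts):
    """Scripts selected by: default or (discovery and safe)."""
    picked = []
    for name, src in scripts.items():
        cats = parse_categories(src)
        if "default" in cats or ("discovery" in cats and "safe" in cats):
            picked.append(name)
    return sorted(picked)


if __name__ == "__main__":
    print("default+intrusive:", policy_violations(SAMPLE_SCRIPTS))
    print("slow comprehensive profile:", zenmap_slow_profile(SAMPLE_SCRIPTS))
```

A script flagged by policy_violations would still be picked up by the profile expression through its "default" category, which is why the two checks are worth running together.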

To Download Nmap 5.59 BETA 1 Click HERE
