
                    Network Security Analysis Tool
                                v 1.5
                         (c) 1999-2003 by Mixter

1.5  - * Compiling stability fixes
       * Updated timing values
       * Ping Dependence as a concept is not reliable. Disabled by default.
       * Added configure option to compile with scanning childs as
         lightweight pthreads to enhance performance.

1.43 - * Added advanced IDS evasion levels 4/5 and config options
         respectively
       * Added web-only configuration file (webonly.conf)

1.42 - * Did porting of NSAT for MAC OS X (Darwin) compatibility
         (Thanks infaux@cyberspace.org, jules@killall5.de)
       * Fix attribute bug in mkdir() call for non-root users

1.41 - * Added telnet vulnerability scanning
       * Replaced old OS fingerprinting with xprobe's ICMP/UDP OS detection
       * Added an option to put logs for each target in a separate directory
       * Fixed a major timeout issue for firewalled/unresponsive hosts
       * A few necessary bugfixes

1.32 - * Fixed an ugly bug with snmp community names
       * Optimized a few internal things for better speed and stability
       * New, cleaned-up Logging system (it's a class now)
       * Implemented rudimentary distributed scanning (via -A and -M switches)
       * First release as a SourceForge project

1.31 - * Removed private vulnerability information

1.30 - * An improved, private version for 2XS

1.24 - * Fixed segfault in snmp namelist checking
       * Fixed a few compiling warnings for newer compilers

1.23 - * Fixed cgi scanning for unicode URL's
       * Changed scanning output to have one including host entry per line
       * Improved bind version scanning
       * Updated internal LibMix API to latest version
       * Added scan target exclusion (-E), for more info see manpage

1.22 - * Added automatic library detection to configure script
         (editing it in the Makefiles was just too annoying).
       * A few optical improvements

1.21 - * Added config variables to progressindicator class.
       * Implementation of new options into scan recovery,
         and re-reading of NSAT config file on resuming.
       * Some more bugfixes and cosmetic changes.
       * Compiling and beta tests on OpenBSD.

1.20 - * BETA version.
       * Lots of tons of bugfixes.
       * Reformatted log messages and output.
       * Added verbose console status reporting,
         all services that are found are displayed verbosely
         to standard output, if in console mode.

1.199 - * Moved most sentences and strings to lang.h
        * Moved all compile-time configuration settings to lang.h
        * Updated manpage, etcblah.

1.198 - * Added command-line Vhost support
       * Added mysql, hp remotewatch, squid to services
       * Re-wrote webscanner, added IDS evasion, added CGI vulnerability list
       * Stocked up vulnerable CGIs to around 350
       * Add verbosity level report, services report, etc. on startup
       * Audited scanner to sort out dangerous scans (intrusive scans,
         active exploiting, scans that could cause DoS)

1.19 - * ALPHA version. Redesigned scanner.
       * Re-wrote SockSet class. Select call, polling, etc. improved
       * Wrote config file for nsat, added modular scanning
       * Services to scan can be selected individually in the configuration
       * Added old-style verbosity level emulation mode
       * Added scan verbosity levels for most services

1.14 - * Implemented Libmix++ functions
       * Rewrote RPC logging and formatting (service list, vuln entries)
       * Rewrote port logging (port list, vuln/backdoor entries)
       * Fixed some bugs that created zero size log files
       * Upgraded ADMsmb to v 0.2 (still doesn't run on solaris, oh well)
       * Wrote configure file, config.h.in, Makefiles, etc. for portability
       * Rewrote backdoor scanning in conjunction with portscanning

1.13 - * STUPID socket/connection handling bugs fixed
       * makefiles re-organized for faster compiling
       * added anonymous ftp logging
       * implemented FD_SETSIZE macros, fdmax(),
         writing to /proc, setrlimit, and other performance stuff

1.12 - * Detects Cisco vulnerabilities
       * Now detects 181 vulnerable CGI scripts
       * Vulnerability and risk information updated
       * Catch SEGV/SEGBUS caused by faulty siglongjmp
         and sigsetjmp functions (solution by guidob@synnergy.net)
       * Y2K bug fix for web scanning pattern matching function
         
1.11 - * Now also compiles on BSD and other systems
       * Detects sendmail 8.9 remote vulnerability
       * Detects trinoo (DoS) master servers
       * Advisories updated

1.10 - * Handful of new serious CGI holes added to www auditing
       * Detects new RPC vulnerabilities, can do complete rpc service dump
       * Fixed ugly bug with select, oh oh ;x
       * Sendmail scanning improved / more reliable

1.09 - * will now make sure all scanning processes are
         finished before exiting (preventing incomplete scans)
       * OS scanning fixed/tweaked, some prints added

1.08 - * xnsat GUI redesign
       * added 2 new -v scanning levels
       * redid the webscan procedure and updated to 170 cgis

1.07 - * added -l process lifetime option
       * webscan was not working due to a silly bug
       * fixed segfaults that were results of the object pointer
         'this' being overwritten

1.06 - * fixed pid allocation threads
         (exit instead of return produces deadlocks)
       * fixed a *cough cough* buffer overflow in progress.C
       * updated jumps to properly restore signal actions

1.05 - * changed service scanning order for performance enhancement
       * improved file descriptor handling

1.04 - First beta release
