
                    Network Security Analysis Tool
                                v 1.22
                       (c) 1999, 2000 by Mixter

1.22 - * Added automatic library detection to configure script
         (editing it in the Makefiles was just too annoying).
       * A few optical improvements

1.21 - * Added config variables to progressindicator class.
       * Implementation of new options into scan recovery,
         and re-reading of NSAT config file on resuming.
       * Some more bugfixes and cosmetic changes.
       * Compiling and beta tests on OpenBSD.

1.20 - * BETA version.
       * Lots of tons of bugfixes.
       * Reformatted log messages and output.
       * Added verbose console status reporting,
         all services that are found are displayed verbosely
         to standard output, if in console mode.

1.199 - * Moved most sentences and strings to lang.h
        * Moved all compile-time configuration settings to lang.h
        * Updated manpage, etcblah.

1.198 - * Added command-line Vhost support
       * Added mysql, hp remotewatch, squid to services
       * Re-wrote webscanner, added IDS evasion, added CGI vulnerability list
       * Stocked up vulnerable CGIs to around 350
       * Add verbosity level report, services report, etc. on startup
       * Audited scanner to sort out dangerous scans (intrusive scans,
         active exploiting, scans that could cause DoS)

1.19 - * ALPHA version. Redesigned scanner.
       * Re-wrote SockSet class. Select call, polling, etc. improved
       * Wrote config file for nsat, added modular scanning
       * Services to scan can be selected individually in the configuration
       * Added old-style verbosity level emulation mode
       * Added scan verbosity levels for most services

1.14 - * Implemented Libmix++ functions
       * Rewrote RPC logging and formatting (service list, vuln entries)
       * Rewrote port logging (port list, vuln/backdoor entries)
       * Fixed some bugs that created zero size log files
       * Upgraded ADMsmb to v 0.2 (still doesn't run on solaris, oh well)
       * Wrote configure file, config.h.in, Makefiles, etc. for portability
       * Rewrote backdoor scanning in conjunction with portscanning

1.13 - * STUPID socket/connection handling bugs fixed
       * makefiles re-organized for faster compiling
       * added anonymous ftp logging
       * implemented FD_SETSIZE macros, fdmax(),
         writing to /proc, setrlimit, and other performance stuff

1.12 - * Detects Cisco vulnerabilities
       * Now detects 181 vulnerable CGI scripts
       * Vulnerability and risk information updated
       * Catch SEGV/SEGBUS caused by faulty siglongjmp
         and sigsetjmp functions (solution by guidob@synnergy.net)
       * Y2K bug fix for web scanning pattern matching function
         
1.11 - * Now also compiles on BSD and other systems
       * Detects sendmail 8.9 remote vulnerability
       * Detects trinoo (DoS) master servers
       * Advisories updated

1.10 - * Handful of new serious CGI holes added to www auditing
       * Detects new RPC vulnerabilities, can do complete rpc service dump
       * Fixed ugly bug with select, oh oh ;x
       * Sendmail scanning improved / more reliable

1.09 - * will now make sure all scanning processes are
         finished before exiting (preventing incomplete scans)
       * OS scanning fixed/tweaked, some prints added

1.08 - * xnsat GUI redesign
       * added 2 new -v scanning levels
       * redid the webscan procedure and updated to 170 cgis

1.07 - * added -l process lifetime option
       * webscan was not working due to a silly bug
       * fixed segfaults that were results of the object pointer
         'this' being overwritten

1.06 - * fixed pid allocation threads
         (exit instead of return produces deadlocks)
       * fixed a *cough cough* buffer overflow in progress.C
       * updated jumps to properly restore signal actions

1.05 - * changed service scanning order for performance enhancement
       * improved file descriptor handling

1.04 - First beta release
