To quote from the Nmap website
, "Nmap ('Network Mapper') is a free and open source (license) utility for network exploration or security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime."
Ever since the first release in 1997, Nmap has been the scanning tool of choice for network professionals and has grown in features and support ever since then.
Version 5.00 includes almost 600 improvements since the last major release – the five major highlights, as identified by the Nmap team, are:
is a universal tool for data transfer, redirection and debugging. Previously available as an add-on since v4.85, Ncat is now fully integrated into the distribution package.
The Ndiff scan comparison tool
aids in the comparison of Nmap scans; taking two Nmap XML output files and identifying the differences between them.
Performance improvements. Nmap itself has had some major performance improvements based, amongst other things, on extensive Internet scanning to identify likely open ports. Additionally, team members spent considerable time optimising the core algorithms leading to a standard "benchmark scan time" improvement from 1879 seconds to 1321 seconds.
Officially published on January 1st 2009, "Nmap Network Scanning,"
the book about Nmap by its original author Gordon "Fyodor" Lyon, reviewed here
was written, as Fyodor explains, to "to share everything he has learned about network scanning during more than a decade of Nmap development." Surprisingly, the book was briefly Amazon's No. 1 best seller soon after release.
Finally, the Nmap Scripting Engine
(NSE) allows users to write simple scripts to automate a wide variety of tasks. Such scripts can be executed in parallel to ensure maximum speed and flexibility.
Read on for further highlights in the new release.
As seen in a variety of movies – The Matrix Reloaded, Bourne Ultimatum and Die Hard 4 being the best known, Nmap is the tool of choice for movie-makers seeking to portray realistic hacking scenes. Best of all, hacking always looks best when conducted via a text-only interface!
In order to dress the product up a little, included in the package is Zenmap GUI and results viewer
. This offers a simple (dare I say familiar) interface to hide some of the complexity of the product. This screenshot
demonstrates a topology map produced by the Zenmap package when requested to display the connection relationship of a number of well-known web sites.
Over the past few years, Nmap has been a major beneficiary of the Google Summer of Code (GSoC) project where Google has funded internships for promising university students to spend time on major open source projects.
When asked by iTWire how much of the new version was a result of the GSoC program, 'Fyodor' said, "GSoC has been enormously helpful to the Nmap Project. Of the 'Top 5 Improvements' in the release notes, SoC students started three of those projects (Ncat, Ndiff, and NSE), though many regular developers contributed. Also, several of our current top developers were introduced to Nmap development as SoC students."
Nmap v5.00 is available for immediate download from the main download page
; release notes can be found here
. As always, there are versions for Linux (in particular RPM-based distros and Debian etc), Windows, Sun Solaris, FreeBSD / OpenBSD / NetBSD and Apple Mac OS X.