Nmap turns five

In a surprise this morning, Fyodor announces the immediate availability of Nmap v5.00

To quote from the Nmap website, "Nmap ('Network Mapper') is a free and open source (license) utility for network exploration or security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime."

Ever since the first release in 1997, Nmap has been the scanning tool of choice for network professionals and has grown in features and support ever since then.

Version 5.00 includes almost 600 improvements since the last major release – the five major highlights, as identified by the Nmap team, are:

Ncat is a universal tool for data transfer, redirection and debugging.  Previously available as an add-on since v4.85, Ncat is now fully integrated into the distribution package.

The Ndiff scan comparison tool aids in the comparison of Nmap scans; taking two Nmap XML output files and identifying the differences between them.

Performance improvements.  Nmap itself has had some major performance improvements based, amongst other things, on extensive Internet scanning to identify likely open ports.  Additionally, team members spent considerable time optimising the core algorithms leading to a standard "benchmark scan time" improvement from 1879 seconds to 1321 seconds.

Officially published on January 1st 2009, "Nmap Network Scanning," the book about Nmap by its original author Gordon "Fyodor" Lyon, reviewed here was written, as Fyodor explains, to "to share everything he has learned about network scanning during more than a decade of Nmap development."  Surprisingly, the book was briefly Amazon's No. 1 best seller soon after release.

Finally, the Nmap Scripting Engine (NSE) allows users to write simple scripts to automate a wide variety of tasks.  Such scripts can be executed in parallel to ensure maximum speed and flexibility.

Read on for further highlights in the new release.

As seen in a variety of movies – The Matrix Reloaded, Bourne Ultimatum and Die Hard 4 being the best known, Nmap is the tool of choice for movie-makers seeking to portray realistic hacking scenes.  Best of all, hacking always looks best when conducted via a text-only interface!

In order to dress the product up a little, included in the package is Zenmap GUI and results viewer.  This offers a simple (dare I say familiar) interface to hide some of the complexity of the product.  This screenshot demonstrates a topology map produced by the Zenmap package when requested to display the connection relationship of a number of well-known web sites.

Over the past few years, Nmap has been a major beneficiary of the Google Summer of Code (GSoC) project where Google has funded internships for promising university students to spend time on major open source projects.

When asked by iTWire how much of the new version was a result of the GSoC program, 'Fyodor' said, "GSoC has been enormously helpful to the Nmap Project.  Of the 'Top 5 Improvements' in the release notes, SoC students started three of those projects (Ncat, Ndiff, and NSE), though many regular developers contributed.  Also, several of our current top developers were introduced to Nmap development as SoC students."

In 2009, the GSoC program was extended to include the new Policy Fellowship program.

Nmap v5.00 is available for immediate download from the main download page; release notes can be found here.  As always, there are versions for Linux (in particular RPM-based distros and Debian etc), Windows, Sun Solaris, FreeBSD / OpenBSD / NetBSD and Apple Mac OS X.


Did you know: 1 in 10 mobile services in Australia use an MVNO, as more consumers are turning away from the big 3 providers?

The Australian mobile landscape is changing, and you can take advantage of it.

Any business can grow its brand (and revenue) by adding mobile services to their product range.

From telcos to supermarkets, see who’s found success and learn how they did it in the free report ‘Rise of the MVNOs’.

This free report shows you how to become a successful MVNO:

· Track recent MVNO market trends
· See who’s found success with mobile
· Find out the secret to how they did it
· Learn how to launch your own MVNO service