Security Market Segment LS
Thursday, 16 July 2009 18:55

Nmap turns five

In a surprise this morning, Fyodor announces the immediate availability of Nmap v5.00

To quote from the Nmap website, "Nmap ('Network Mapper') is a free and open source (license) utility for network exploration or security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime."

Ever since the first release in 1997, Nmap has been the scanning tool of choice for network professionals and has grown in features and support ever since then.

Version 5.00 includes almost 600 improvements since the last major release – the five major highlights, as identified by the Nmap team, are:

Ncat is a universal tool for data transfer, redirection and debugging.  Previously available as an add-on since v4.85, Ncat is now fully integrated into the distribution package.

The Ndiff scan comparison tool aids in the comparison of Nmap scans; taking two Nmap XML output files and identifying the differences between them.

Performance improvements.  Nmap itself has had some major performance improvements based, amongst other things, on extensive Internet scanning to identify likely open ports.  Additionally, team members spent considerable time optimising the core algorithms leading to a standard "benchmark scan time" improvement from 1879 seconds to 1321 seconds.

Officially published on January 1st 2009, "Nmap Network Scanning," the book about Nmap by its original author Gordon "Fyodor" Lyon, reviewed here was written, as Fyodor explains, to "to share everything he has learned about network scanning during more than a decade of Nmap development."  Surprisingly, the book was briefly Amazon's No. 1 best seller soon after release.

Finally, the Nmap Scripting Engine (NSE) allows users to write simple scripts to automate a wide variety of tasks.  Such scripts can be executed in parallel to ensure maximum speed and flexibility.

Read on for further highlights in the new release.

As seen in a variety of movies – The Matrix Reloaded, Bourne Ultimatum and Die Hard 4 being the best known, Nmap is the tool of choice for movie-makers seeking to portray realistic hacking scenes.  Best of all, hacking always looks best when conducted via a text-only interface!

In order to dress the product up a little, included in the package is Zenmap GUI and results viewer.  This offers a simple (dare I say familiar) interface to hide some of the complexity of the product.  This screenshot demonstrates a topology map produced by the Zenmap package when requested to display the connection relationship of a number of well-known web sites.

Over the past few years, Nmap has been a major beneficiary of the Google Summer of Code (GSoC) project where Google has funded internships for promising university students to spend time on major open source projects.

When asked by iTWire how much of the new version was a result of the GSoC program, 'Fyodor' said, "GSoC has been enormously helpful to the Nmap Project.  Of the 'Top 5 Improvements' in the release notes, SoC students started three of those projects (Ncat, Ndiff, and NSE), though many regular developers contributed.  Also, several of our current top developers were introduced to Nmap development as SoC students."

In 2009, the GSoC program was extended to include the new Policy Fellowship program.

Nmap v5.00 is available for immediate download from the main download page; release notes can be found here.  As always, there are versions for Linux (in particular RPM-based distros and Debian etc), Windows, Sun Solaris, FreeBSD / OpenBSD / NetBSD and Apple Mac OS X.


Australia is a cyber espionage hot spot.

As we automate, script and move to the cloud, more and more businesses are reliant on infrastructure that has high potential to be exposed to risk.

It only takes one awry email to expose an accounts payable process, and for cyber attackers to cost a business thousands of dollars.

In the free white paper ‘6 steps to improve your Business Cyber Security’ you will learn some simple steps you should be taking to prevent devastating malicious cyber attacks from destroying your business.

Cyber security can no longer be ignored, in this white paper you will learn:

· How does business security get breached?
· What can it cost to get it wrong?
· 6 actionable tips



iTWire can help you promote your company, services, and products.


Advertise on the iTWire News Site / Website

Advertise in the iTWire UPDATE / Newsletter

Promote your message via iTWire Sponsored Content/News

Guest Opinion for Home Page exposure

Contact Andrew on 0412 390 000 or email [email protected]




Recent Comments