IT Trenches

Jul 20 2009   6:05PM GMT

Nmap v5 released – nearly 600 changes!

Troy Tate Profile: Troy Tate

Fyodor has announced the release of Nmap v5. This is the first major release since 1997. There are over 600 changes in the new version.

According to Wikipedia:

Nmap is a security scanner originally written by Gordon Lyon (also known by his pseudonym Fyodor Vaskovich).[1] Nmap is a “Network Mapper”, used to discover computers and services on a computer network, thus creating a “map” of the network. Just like many simple port scanners, Nmap is capable of discovering passive services on a network despite the fact that such services aren’t advertising themselves with a service discovery protocol. In addition Nmap may be able to determine various details about the remote computers. These include operating system, device type, uptime, software product used to run a service, exact version number of that product, presence of some firewall techniques and, on a local area network, even vendor of the remote network card.

If you have not used Nmap before, you should become add it to your toolbox and become familiar with this extremely useful network administration and testing tool. Some of the additions in v5 include:

1. Ncat included with Nmap. If you are familiar with netcat, then enough said. If not, ncat is a “reinvention” of the infamous netcat tool. Ncat is defined as the ‘swiss army knife’ for security testing and admin functions and can be considered a ‘piece of clay’ as you’ll find it’s range of uses is only limited by the user’s imagination and technical skills.

See http://nmap.org/ncat/

2. Ndiff scan comparison tool can be used to compare two Nmap XML files Рin essence,  you can scan a host today and scan it tomorrow and use Ndiff to compare the two to see differences in the results.

See http://nmap.org/ndiff/man.html

3. Performance enhancements have been made possible by the numerous scans Fyodor made of the internet last summer  and finding the most commonly-open ports and reduce the number of ports scanned by default. In addition, you can define your own scan rate and bypass Nmaps congestion control algorithms.

4. The Nmap Scripting Engine (NSE) scripts have been improved and 32 new scripts added including scripts for MSRPC/NetBIOS atacks, queries and vulnerability probes, brute force attack scripts against SNMP and POP3 and more. NSE scripts/modules are defined at http://nmap.org/nsedoc/

5. The Nmap Book – this is a MUST HAVE for anyone involved in network troubleshooting or security! This is the best technical book that has come out in many years!

Get this right now at http://nmap.org/book/

I have a copy of the Nmap book that I ordered from Amazon. It is a great reference addition to your technical library and will be of great use. Nmap is a very technical tool but there are graphical interfaces for its use.

Let other ITKE members know how you use Nmap. Leave some tips/tricks here for our readers.

Thanks for reading and let’s continue to be good network citizens.

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: