Nmap
From Wikipedia, the free encyclopedia
 scan results of an Nmap scan |
|
| Design by | Gordon Lyon (Fyodor) |
|---|---|
| Initial release | September, 1997 |
| Latest release | 4.76 / 2008-09-12 |
| Written in | C, C++, Python |
| Operating system | Cross-platform |
| Available in | English |
| Development status | Active |
| Type | computer security, network management |
| License | GNU General Public License |
| Website | nmap.org |
Nmap is a security scanner originally written by Gordon Lyon (also known by his pseudonym Fyodor Vaskovich).[1] It may be used to discover computers and services on a computer network, thus creating a "map" of the network. Just like many simple port scanners, Nmap is capable of discovering passive services on a network despite the fact that such services aren't advertising themselves with a service discovery protocol. In addition Nmap may be able to determine various details about the remote computers. These include operating system, device type, uptime, software product used to run a service, exact version number of that product, presence of some firewall techniques and, on a local area network, even vendor of the remote network card.
Nmap runs on Linux, Microsoft Windows, Solaris, and BSD (including Mac OS X), and also on AmigaOS.[2] Linux is the most popular nmap platform and Windows the second most popular.[3]
Contents |
[edit] Features
Nmap features include:
- Host Discovery - Identifying computers on a network, for example listing the computers which respond to pings, or which have a particular port open
- Port Scanning - Enumerating the open ports on one or more target computers
- Version Detection - Interrogating listening network services listening on remote computers to determine the application name and version number[4]
- OS Detection - Remotely determining the operating system and some hardware characteristics of network devices.
Typical uses of Nmap:
- Auditing the security of a computer, by identifying the network connections which can be made to it[citation needed]
- Identifying open ports on a target computer in preparation for auditing[5]
- Network inventory, Network mapping, maintenance, and asset management
- Auditing the security of a network, by identifying unexpected new servers.[6]
[edit] Graphical Interfaces
NmapFE, originally written by Zach Smith, was Nmap's official GUI for Nmap versions 2.2 to 4.22.[7] For Nmap 4.50 (originally in the 4.22SOC development series) NmapFE was replaced with Zenmap, a new graphical user interface based on UMIT, developed by Adriano Monteiro Marques.
Various web-based interfaces have also been available for controlling Nmap remotely from a web browser. These include LOCALSCAN,[8] nmap-web,[9] and Nmap-CGI.[10]
Also some Microsoft Windows specific GUIs exist. These include NMapWin,[11] which has not been updated since v1.4.0 was released in June 2003, and NMapW[12] by Syhunt.
 Zenmap, showing results for a port scan against Wikipedia |
 NmapFE, showing results for a port scan against Wikipedia |
 XNmap, a Mac OS X GUI. |
[edit] Modules and libraries utilizing Nmap
Nmap's preferred output format is XML, which comes in handy for interpreted languages because they can parse and present this information for use by users' scripts.
[edit] History
Nmap was first published in September 1997, as an article in Phrack Magazine with source-code included[13] Further development included better algorithms for determining which services were running,[14] code rewrites (C to C++), additional scan types and protocol support (e.g. IPv6) Nmap reached version 4.0 in January 2006 and version 4.5 in December 2007. Changes in each release are recorded in the Nmap Changelog.[15]
It is used to discover computers and services on a computer network, thus creating a “map” of the network. Just like many simple port scanners, Nmap is capable of discovering passive services on a network despite the fact that such services aren’t advertising themselves with a service discovery protocol. In addition Nmap may be able to determine various details about the remote computers. These include operating system, device type, uptime, software product used to run a service, exact version number of that product, presence of some firewall techniques and, on a local area network, even vendor of the remote network card.[16]
[edit] Controversy
Like most tools used in computer security, Nmap can be used for black hat hacking,[17] or attempting to gain unauthorized access to computer systems. It would typically be used to discover open ports which are likely to be running vulnerable services, in preparation for attacking those services with another program.[18]
System administrators often use Nmap to search for unauthorized servers on their network, or for computers which don't meet the organization's minimum level of security.[19]
Nmap is often confused with host vulnerability assessment tools such as Nessus, which go further in their exploration of a target by testing for common vulnerabilities in the open ports found.
In some jurisdictions unauthorized port scanning may be illegal.[citation needed]
[edit] Nmap in popular culture
In The Matrix Reloaded, Trinity is seen using Nmap to access a power plant's computer system [1], allowing Neo to physically break in to a building.
The appearance of Nmap in the film was widely discussed on internet forums [2], and hailed as an unusually realistic example of hacking compared to other movies [3]. It is thought that Trinity used the CRC32 compensation attack detector exploit [4] (discovered in 2001) to gain entry, once Nmap revealed the existence of an SSH service [5].
Nmap and NmapFE were used in The Listening, a 2006 movie about a former NSA officer who defects and mounts a clandestine counter-listening station high in the Italian alps.
Some Nmap source code can be seen in the movie Battle Royale [6], as well as brief views of the command line version of Nmap executing in Die Hard 4 and Bourne Ultimatum
[edit] References
- ^ "Matrix mixes life and hacking". BBC News. 2003. http://news.bbc.co.uk/1/hi/technology/3039329.stm. Retrieved on 2009-01-14.
- ^ Download the Free Nmap Security Scanner for Linux/Mac/UNIX or Windows
- ^ "Nmap Installation for Windows" (in en). nmap.org. http://nmap.org/install/inst-windows.html. Retrieved on 2008-05-14.
- ^ Service and Application Version Detection
- ^ http://nmap.org/press/computerworld_when_good_scanners_go_bad.txt
- ^ nmap-audit - Network auditing with nmap
- ^ Nmap Change Log
- ^ http://staff.washington.edu/dgreene/localscan/
- ^ nmap-web: quick-n-dirty web interface to nmap
- ^ nmap-cgi homepage
- ^ NMapWin v1.2.3
- ^ Syhunt Technology: Web Application Security and Testing Tools
- ^ Nmap Introduction - Phrack 51, Article 11
- ^ Service and Application Version Detection
- ^ Nmap Changelog
- ^ "10 Best Hacking and Security Software Tools for Linux, Sept 23 2008". http://blogs.iium.edu.my/jaiz/2008/09/23/10-best-hacking-and-security-software-tools-for-linux/.
- ^ Hacking tool reportedly draws FBI subpoenas
- ^ SANS Institute - Intrusion Detection FAQ: What is AMap and how does it fingerprint applications?
- ^ Search | Gizmo's Tech Support Alert
[edit] External links
- Official website
- SecurityFocus interview with Fyodor after the release of version 4.00
- Mindcert.com, Nmap Mind Map
- First release of Nmap in Phrack Magazine archived at insecure.org
- 2 Part Series About Nmap
- A Comprehensive Guide to Nmap with Screenshots
- Anthony Persaud's Perl Module
- Max Schubert's Perl Module
- Kris Katterjohn's Ruby Library
- "Nmap in the News"
- (Chinese) Nmap China
![[5]](http://images.insecure.org/nmap/images/matrix/reload_nmap_c.jpg){kind=link}