Nmap

Nmap is a security scanner originally written by Gordon Lyon (also known by his pseudonym Fyodor Vaskovich).^[1] Nmap is a "Network Mapper", used to discover computers and services on a computer network, thus creating a "map" of the network. Just like many simple port scanners, Nmap is capable of discovering passive services on a network despite the fact that such services aren't advertising themselves with a service discovery protocol. In addition Nmap may be able to determine various details about the remote computers. These include operating system, device type, uptime, software product used to run a service, exact version number of that product, presence of some firewall techniques and, on a local area network, even vendor of the remote network card.

Nmap runs on Linux, Microsoft Windows, Solaris, and BSD (including Mac OS X), and also on AmigaOS.^[2] Linux is the most popular nmap platform and Windows the second most popular.^[3]

Features

Nmap features include:

• Host Discovery - Identifying computers on a network, for example listing the computers which respond to pings, or which have a particular port open
• Port Scanning - Enumerating the open ports on one or more target computers
• Version Detection - Interrogating listening network services listening on remote computers to determine the application name and version number^[4]
• OS Detection - Remotely determining the operating system and some hardware characteristics of network devices.

Typical uses of Nmap:

• Auditing the security of a computer, by identifying the network connections which can be made to it^{[citation needed]}
• Identifying open ports on a target computer in preparation for auditing^[5]
• Network inventory, Network mapping, maintenance, and asset management
• Auditing the security of a network, by identifying unexpected new servers.^[6]

Graphical Interfaces

NmapFE, originally written by Zach Smith, was Nmap's official GUI for Nmap versions 2.2 to 4.22.^[7] For Nmap 4.50 (originally in the 4.22SOC development series) NmapFE was replaced with Zenmap, a new graphical user interface based on UMIT, developed by Adriano Monteiro Marques.

Various web-based interfaces have also been available for controlling Nmap remotely from a web browser. These include LOCALSCAN,^[8] nmap-web,^[9] and Nmap-CGI.^[10]

Also some Microsoft Windows specific GUIs exist. These include NMapWin,^[11] which has not been updated since v1.4.0 was released in June 2003, and NMapW^[12] by Syhunt.

Modules and libraries utilizing Nmap

Nmap's preferred output format is XML, which comes in handy for interpreted languages because they can parse and present this information for use by users' scripts.

History

Nmap was first published in September 1997, as an article in Phrack Magazine with source-code included^[13]. Further development included better algorithms for determining which services were running,^[14] code rewrites (C to C++), additional scan types and protocol support (e.g. IPv6, SCTP^[15]). Nmap reached version 4.0 in January 2006 and version 4.5 in December 2007. Version 5.0 came out in July 2009. Changes in each release are recorded in the Nmap Changelog.^[16]

Purpose

Nmap is used to discover computers and services on a computer network, thus creating a “map” of the network. Just like many simple port scanners, Nmap is capable of discovering passive services on a network despite the fact that such services aren’t advertising themselves with a service discovery protocol. In addition Nmap may be able to determine various details about the remote computers. These include operating system, device type, uptime, software product used to run a service, exact version number of that product, presence of some firewall techniques and, on a local area network, even vendor of the remote network card.^[17]

Ethical issues and legality

Like most tools used in computer security, Nmap can be used for black hat hacking,^[18] or attempting to gain unauthorized access to computer systems. It would typically be used to discover open ports which are likely to be running vulnerable services, in preparation for attacking those services with another program.^[19]

System administrators often use Nmap to search for unauthorized servers on their network, or for computers which don't meet the organization's minimum level of security.^[20]

Nmap is often confused with host vulnerability assessment tools such as Nessus, which go further in their exploration of a target by testing for common vulnerabilities in the open ports found.

In some jurisdictions, unauthorized port scanning may be illegal.^{[citation needed]}

Nmap in popular culture

In The Matrix Reloaded, Trinity is seen using Nmap to access a power plant's computer system,^[21] allowing Neo to physically break in to a building. The appearance of Nmap in the film was widely discussed on internet forums and hailed as an unusually realistic example of hacking compared to other movies.^[22]

Nmap and NmapFE were used in The Listening, a 2006 movie about a former NSA officer who defects and mounts a clandestine counter-listening station high in the Italian alps.

Some Nmap source code can be seen in the movie Battle Royale, as well as brief views of the command line version of Nmap executing in Die Hard 4 and Bourne Ultimatum.^[21]

References

Bibliography

External links

• Official website
• First release of Nmap in Phrack Magazine archived at insecure.org

cs:Nmap de:Nmap es:Nmap fr:Nmap ko:Nmap hr:Nmap id:Nmap it:Nmap ka:Nmap lt:Nmap nl:Nmap pl:Nmap pt:Nmap ru:Nmap sv:Nmap tr:Nmap uk:Nmap zh:Nmap