

Nmap 6 released after three years of work - jimmyjim
http://nmap.org/6/

======
etrain
I used nmap a lot during the 2.5 days (c. 2001), and was even a (very
occasional) contributor as they were porting to Windows. I can safely say I
have 0 idea how 90% of its functionality works anymore - and I think that's a
testament to how far the project has come.

It was best of breed then, and is up there with the most successful open
source projects - certainly in the security space, but maybe even anywhere.

Hats off to Fyodor and the rest of the team. This looks like really excellent
work.

------
dfc
Whenever you buy a new network connected gizmo please scan it with nmap and
please submit the OS/Service fingerprints if nmap does not know about the
device. NMAP makes it super easy to contribute the the fingerprints db.

~~~
eisbaw
Care to elaborate? A 5 min investigation on nmap.org didn't reveal how to
contribute.

~~~
dfc
One of the ways nmap makes this super easy is that it prints out the
submission page and asks you to submit the fingerprints if it does not know
about the device:)

If you get a new device run a full scan against the device; all ports, OS
detection and full service version scan.

Here is the page if you are curious:

<http://nmap.org/submit/>

~~~
bostonvaulter2
I assume you're talking about a scan using "-O"? For example "nmap -O
192.168.0.1".

~~~
dfc

      # nmap -v -v -Pn -O -sV --version-all -p 1-65535 -oA output 192.168.0.1
    

The above would be great. All 65535 ports is probably overkill. But if its
your device and you have the time why not? Rinse and repeat with UDP if you
are feeling especially charitable.

------
chadyj
Everyone has seen Nmap used and might not even know it. It was famously used
by Trinity in The Matrix, and has popped up in Die Hard, Bourne Ultimatum, The
Girl with the Dragon Tattoo and more. <http://nmap.org/movies.html>

I wonder if Hollywood will upgrade.

~~~
majke
Trinity was using nmap 2.54, how lame.

------
sausagefeet
Interestingly, this T-Mobile prepaid sim I'm on blocks me from nmap.org

------
chadlomax
I can't believe it's been 3 years since they released v5. Truly one of the
better open source security scanners out there. Thanks for sharing.

------
aurora72
#nmap -sP 192.168.1.0/24 might be the most commonly used line of nmap. But it
works best on V5.0 and not V5.x+

~~~
tshtf
What's the problem?

Have you reported it on the nmap-dev mailing list with packet dumps?

------
the_wanderer
Great to see the large list of new features and improvements.

Get a copy and start scanning, don't just scan your web servers and Internet
gateway. Have a crack at your Internet connected TV, WII and any other device
that has an IP Address. If nothing else its fun. :)

~~~
JonnieCache
_> Have a crack at your Internet connected TV, WII and any other device that
has an IP Address_

Definitely do this. I can especially recommend it if you're a bored teenager.
I learned a lot back in the day from abusing cheap gear like printers, routers
and stuff.

------
afhof
Maybe I don't use Nmap enough, but I find the Nmap switches very difficult to
remember. It usually takes a few minutes in the man pages, then a few more
minutes in Google before I finally figure out how to do what I want. Perhaps
this goes away with experience?

~~~
Garbage
"Zenmap"[1] to the rescue. :)

[1] <http://nmap.org/book/zenmap-profile-editor.html>

------
dave1010uk
From the release notes: "Gopher over IPv6!"

I'm really tempted to set up a gopher server on an IPv6-only host, just to try
this out. While perhaps pointless, it's a testament to open source that NMAP
includes this.

~~~
guylhem
Well I have one :-) I still have to put some content on it though...

~~~
michael37
It's been many years since I forgot how to access a gopher server.

~~~
SquareWheel
This Firefox extension makes it easy.

<https://addons.mozilla.org/en-US/firefox/addon/overbiteff/>

------
thebluesky
The link in the main document to the performance page:
<http://nmap.org/6/changes-performance> leads to a 404 :(

------
SamGoody
Besides Nmap's innate usefulness, it is part of the backbone of many other
tools. How long before BackTrack upgrades? Tools like Metasploit, do they
include their own Nmap (which would need to be upgraded), or relay on your
having it?

------
zerop
Can I use nmap to detect who is talking to who on a network & over what ports?
I dont want to install agent script on each node, but would install nmap on
one of the nodes in the network.

~~~
freehunter
NMap can tell you what ports are being used by a device. tcpdump would be able
to show the conversations.

------
christianbryant
Look forward to upgrading my 5.21. Congrats on a new major release.

~~~
wpietri
Agreed! There are a few tools in the world that I love unreservedly, and nmap
is one of them. (A couple of other networking ones are tcpdump, wireshark, and
mtr.) It's one of those things where every key aspect has been thought through
and polished so thoroughly that I want to send somebody a bouquet.

