I used nmap a lot during the 2.5 days (c. 2001), and was even a (very occasional) contributor as they were porting to Windows. I can safely say I have 0 idea how 90% of its functionality works anymore - and I think that's a testament to how far the project has come.
It was best of breed then, and is up there with the most successful open source projects - certainly in the security space, but maybe even anywhere.
Hats off to Fyodor and the rest of the team. This looks like really excellent work.
Whenever you buy a new network connected gizmo please scan it with nmap and please submit the OS/Service fingerprints if nmap does not know about the device. NMAP makes it super easy to contribute to the fingerprints db.
One of the ways nmap makes this super easy is that it prints out the submission page and asks you to submit the fingerprints if it does not know about the device :)
If you get a new device run a full scan against the device; all ports, OS detection and full service version scan.
The above would be great. All 65535 ports is probably overkill. But if it's your device and you have the time, why not? Rinse and repeat with UDP if you are feeling especially charitable.
In my experience, NMap hasn't been the best at identifying smartphones and other mobile devices. So from my point of view, yes, this would help. I don't know NMap's goals on that, though.
Everyone has seen Nmap used and might not even know it. It was famously used by Trinity in The Matrix, and has popped up in Die Hard, Bourne Ultimatum, The Girl with the Dragon Tattoo and more. http://nmap.org/movies.html
We also felt that the old -sP ("ping scan") option was a bit misleading because current versions of Nmap can go much further (including -sC and --traceroute) even with port scans disabled. We will retain support for the previous option names for the foreseeable future.
That command works great for me using nmap 6. It finds all hosts on my network. And now with v6, I can do something similar to find IPv6 addresses on my network, with this command:
sudo nmap -6 -sL --script targets-ipv6-\* --script-args=newtargets
Maybe I don't use Nmap enough, but I find the Nmap switches very difficult to remember. It usually takes a few minutes in the man pages, then a few more minutes in Google before I finally figure out how to do what I want. Perhaps this goes away with experience?
It definitely goes away with experience. When you use nmap regularly you only use 10% of the switches most of the time and typing them after nmap becomes muscle memory.
Great to see the large list of new features and improvements.
Get a copy and start scanning, don't just scan your web servers and Internet gateway. Have a crack at your Internet connected TV, WII and any other device that has an IP Address. If nothing else it's fun. :)
>Have a crack at your Internet connected TV, WII and any other device that has an IP Address
Definitely do this. I can especially recommend it if you're a bored teenager. I learned a lot back in the day from abusing cheap gear like printers, routers and stuff.
I'm really tempted to set up a gopher server on an IPv6-only host, just to try this out. While perhaps pointless, it's a testament to open source that NMAP includes this.
Besides Nmap's innate usefulness, it is part of the backbone of many other tools. How long before BackTrack upgrades? Tools like Metasploit, do they include their own Nmap (which would need to be upgraded), or rely on your having it?
Can I use nmap to detect who is talking to who on a network & over what ports? I don't want to install agent script on each node, but would install nmap on one of the nodes in the network.
Agreed! There are a few tools in the world that I love unreservedly, and nmap is one of them. (A couple of other networking ones are tcpdump, wireshark, and mtr.) It's one of those things where every key aspect has been thought through and polished so thoroughly that I want to send somebody a bouquet.