Slashdot Mirror

← Back to Stories (view on slashdot.org)

Nmap 5.00 Released, With Many Improvements

Posted by timothy on from the ok-now-release-another-nsfw-introduction dept.

iago-vL writes "The long-awaited Nmap Security Scanner version 5.00 was just released (download)! This marks the most important release since 1997, and is a huge step in Nmap's evolution from a simple port scanner to an all-around security and networking tool suite. Significant performance improvements were made, and dozens of scripts were added. For example, Nmap can now log into Windows and perform local checks (PDF), including Conficker detection. New tools included in 5.00 are Ncat, a modern reimplementation of Netcat (with IPv6, SSL, NAT traversal, port redirection, and more!), and Ndiff, for quickly comparing scan results. Other tools are in the works for future releases, but we're still waiting for them to add email and ftp clients so we can finally get off Emacs!"

14 of 73 comments (clear)

  1. Bloat. by girlintraining · · Score: 2, Insightful

    So nmap went from a special purpose-built tool to a suite. Frack. Anyone here taking commissions on erecting a grave marker? UNIX is nice because it creates many little purpose-built utilities that can be strung together to perform complex tasks. This style of thinking seems to be going away in favor of integrated solutions that rather than doing one thing well do an umbrella of things passably okay. At least they haven't gone the approach yet of stuffing everything into a service that has to run all the time or the scanning engine will go stabby-bits on the user, which seems to be how "security" software runs on Windows... But it's only a matter of time.

    --
    #fuckbeta #iamslashdot #dicemustdie
    1. Re:Bloat. by arabagast · · Score: 3, Interesting

      I think that this is exactly what they are doing, only that all the small tools are bundled in the same tarball.

      --
      Doolittle : ...What is your one purpose in life?
      Bomb no.20 : To explode of course.
    2. Re:Bloat. by Xiph · · Score: 2, Informative

      When i read the summary, that's what i thought.

      And to some extent, i think you might still be right.
      What they've done isn't to build in Conficker detection and the like, but to enable scripting so you can extent nmap.
      being able to write nmap scripts is nice, on the other hand, on the other hand, several other tools allow for scripting nmap, so i don't see the point in going the other way around it.

      --
      Blah blah sig blah blah blah irony blah blah
    3. Re:Bloat. by morgan_greywolf · · Score: 3, Insightful

      Having to compete on feature sets, interoperability, and user satisfaction is a lot harder than claiming moral superiority. -_- This is why open source still isn't taken seriously by businesses -- the mindset of its adherents is still blatantly immature.

      Nice troll you have there.

      Open source gets lots of things right -- and -- lots of things wrong.

      If you want to talk about competing on feature sets, interoperability and user satisfaction, well, there are quite a few packages out there that do exactly that. OF course, you always have to take into account your audience.

      Development tools like gcc, autoconf, Python, Perl, Emacs, gdb, are all at the top of their class in terms of these three things. I know several people, for example, who have been using Emacs since 1984, including myself (off and on; it's a love/hate relationship for me. :)

      But then again, these are tools written by developers, for developers, not by developers for marketeers. Say what you will about Visual Studio .NET, but I can point you at scores of people that absolutely despise it, and not for the fact that it's closed source. It's terrible bug-infested bloatware, and everyone who has ever used it knows that. (That being said, there are those that are forced to use it, of ocurse).

      For user software, Firefox is definitely at the top of its class in those three categories, no doubt about it. Its constantly rising market share proves that.

      Apache? Despite Microsoft's best efforts, more than 2/3rds of all websites are still running Apache. Again, specifically because of user satisfaction (webmasters love Apache), interoperability (everybody makes their stuff work with Apache), and feature sets (IIS can hardly compete with Apache today, considering how badly Microsoft has stagnated it.)

      Sure, there's stuff open source gets wrong, but that's not my point. My point is this: your comment is either astroturfing, or you're Microsoft zealot, or you're a troll, plain and simple.

      --
      My blog
    4. Re:Bloat. by thefear · · Score: 5, Informative

      So nmap went from a special purpose-built tool to a suite. Frack.

      Step 1) Download the tarball
      Step 2) Compile with '--without-ndiff --without-zenmap --without-liblua --without-ncat --without-openssl' for a classic Nmap experience
      Step 3) Profit

      --
      :(
    5. Re:Bloat. by Rycross · · Score: 3, Informative

      Really? Everyone I know who uses Visual Studio .Net loves it, and I frequently hear comments, even on Slashdot, how its the "One thing that Microsoft got right." I certainly enjoy using it, and scratch my head when I come across the occasional (rare) comment that its "bloated and buggy."

      Of course, using the words "bloated and buggy" has become the new "I don't like it, but don't want to give any specifics." So, yeah.

    6. Re:Bloat. by Freetardo+Jones · · Score: 2, Informative

      But then again, these are tools written by developers, for developers, not by developers for marketeers. Say what you will about Visual Studio .NET, but I can point you at scores of people that absolutely despise it, and not for the fact that it's closed source. It's terrible bug-infested bloatware, and everyone who has ever used it knows that. (That being said, there are those that are forced to use it, of ocurse).

      I've used Visual Studio 2005, 2008 and 2010 and love them all and almost everyone else where I work loves it as well.

    7. Re:Bloat. by iago-vL · · Score: 5, Informative

      As the original poster, and the author of a dozen or more Nmap scripts, I agree 100%. If you look at the tool itself, you'll see that everything is fairly separate and independent, even if they share a common codebase -- between the scripting and the "bonus" tools, the core is still fairly tight.

      My comment at the end about the bloat + Emacs was intended 100% as humour, not actual commentary. I'm hoping nobody took it as a legitimate stab at Nmap, because it wasn't.

      --
      http://www.skullsecurity.org/blog/
  2. ncat by arabagast · · Score: 3, Interesting

    i was just about to check out ncat. Seems interesting. The only downside is that is can never reach the same critical mass as the vanilla nc, and hence you cannot rely on the more advanced functions on an unknown computer. would be cool though, SSL could be handy in some situations.

    --
    Doolittle : ...What is your one purpose in life?
    Bomb no.20 : To explode of course.
  3. Some of the best.... by 222 · · Score: 2

    Some of the best things in life are free :- )

  4. Re:Keep beating that horse by insecuritiez · · Score: 5, Informative

    Full Disclosure: I am a Nmap developer.

    Despite your trollish tone, you're right that there isn't a ton of innovation coming out in just TCP port scanning. The 5.00 release has several scanning performance improvements but port scanning is still port scanning.

    But as for innovation/enterprise features:

    * OS Fingerprinting (second generation engine)
    * Graphing (via the Zenmap front-end) of the network topology
    * Service fingerprinting
    * Script engine including
        * Windows SMB/CIFS/RPC scripts
        * Windows vulnerability detection scripts
        * SQL Injection scanning script
        * Telnet/HTTP/FTP/SMB brute force scripts
        * Conficker detection script
        * A lot more
    * XML output for report generation and nice XLST file for conversion to HTML

    If you want to see AI behind OS fingerprinting, then submit a patch. I'd recommend starting with a Support Vector Machine as that has shown the most promise in developer testing.

    If you want to see a webapp front-end for scheduling of scans and report generation then start a project.

    Nmap is an open source project and despite the release wording, does not believe in bloat. Nmap isn't Nessus and never will be. If you want a client/server architecture or webapp they will be separate tools.

    I use Nmap in an enterprise environment to scan 3 /16 networks (all ports). Do you?

  5. Re:Keep beating that horse by timbrown · · Score: 3, Interesting

    Disclosure: I am an OpenVAS developer...

    Nmap does what it does very well. It would be a strange day that I stop using it for pentesting, in fact more likely I'll adopt some of the other tools the project has developed. Ncat in particular sounds great simply because it unifies multiple functions I currently use from other tools. The other thing I like is the NSE, great for quickly cooking up a scanner for 0day threats as we saw with Conficker check they produced.

    If you want a Free Software vulnerability scanner, then support OpenVAS. The project is making quiet progress (cleaning up the code base, redesigning the architecture and most importantly adding new NVTs) and has just had a second DevCon in Germany with 16 developers from 4 continents making the trip. Nothings ever perfect but it now has NVT that are not in Nessus so if you're not using it, you're probably missing out. It's worth noting that we at OpenVAS like the nmap developments so much that a couple of the OpenVAS developers are looking to actively contribute and we're considering libnmap as a replacement for the rather fragile port / service discovery functionality we inherited.

    --
    Tim Brown
  6. A thousand HP Directjet boxes cry out in pain ... by dbIII · · Score: 3, Interesting

    ... and are forever silenced. Nmap is great but there are incredibly crappy devices out there that can be killed with a simple port scan. It's a good idea to make sure no such critters are on the subnet you scan when you start playing with nmap. Some non-HP older printers also need a full reset after they have been scanned. Hopefully newer devices are not designed so badly that they expect to be configured by just throwing a few bytes at a port with no attempts to find out if you should be allowed to do it.
    Nmap and similar tools will show you that what in the past was called "enterprise" was simply becuase the vendors assumed you had a lot of expendable guys in red to throw at any problem. It can show you where there is none of the security the sales guy said was there.

  7. Re:Keep beating that horse by geminidomino · · Score: 2, Funny

    what sort of enterprise features do you want from a TCP scanner?

    Build in Email Client, image editor, and web browser, of course. Don't you know that no special-purpose tool is complete without them?