Celebrating The 19th Anniversary of Nmap

Long-time Slashdot reader collinl writes: Nmap was released 19 years ago on September 1... Seems like it has been around for ever. Was there a port scanner before Nmap?
Good question. Nmap first appeared in an article in Phrack magazine back in 1997 (which included its complete source code), although over the years its output options have expanded to include a humorous "script kiddie" format. And by 2007 the Nmap Scripting Engine was released, which in 2010 was used to generate a cool visualization showing the popularity of the top million favicons.

So simple, so useful

[BringsApples]

I love you Nmap, happy belated bday.

Re:So simple, so useful

[David_Hart]

I love you Nmap, happy belated bday.

19th Anniversary... WTH... Wake me up when it is 25 years old... No one celebrates their 19th unless that is the local drinking age...

Re:So simple, so useful

[BringsApples]

Wake me up when it is 25 years old... No one celebrates their 19th...

Not sure what's more odder, not celebrating your 19th birthday (or any birthday for that matter), only celebrating your 25 birthday (WTH happens at 25 besides the possibility of a car insurance discount), or the fact that I used the phrase "Not sure what's more odder".

Re:So simple, so useful

Anyone remember strobe?

Lockdown

Annoying that in many places use of a tool like this is prohibited. Stupid because they could just use it themselves to get same results, see what's open, and close it or change networking so it's not accessible from main network.

Anyway had lots of fun with Nmap and friends in college network security class.

Re:Lockdown

For your own ports you use netstat

Re: Lockdown

Not if you're pawned!

Re:Lockdown

[epyT-R]

It's always good practice to verify from a remote host.

Re: Lockdown

I've had times where I needed more info about an address so I could create a monitor so I'm alerted when it fails. Nmap made that job easier.

Shields Up by grc...

had similar functionality, but it was presented as a tool to test your own ports and lock them down.

I started using it about the same time that I got on the Nmap mailing list in the late 90's, but I am not certain which came first.

Real

it's how I keep it (tm)

"Good question" answered in the article

The article explains that nmap, by far, is not the first:

Prior to writing nmap, I spent a lot of time with other scanners exploring the Internet and various private networks (note the avoidance of the "intranet" buzzword). I have used many of the top scanners available today, including strobe by Julian Assange, netcat by *Hobbit*, stcp by Uriel Maimon, pscan by Pluvius, ident-scan by Dave Goldsmith, and the SATAN tcp/udp scanners by Wietse Venema. These are all excellent scanners! In fact, I ended up hacking most of them to support the best features of the others. Finally I decided to write a whole new scanner, rather than rely on hacked versions of a dozen different scanners in my /usr/local/sbin. While I wrote all the code, nmap uses a lot of good ideas from its predecessors. I also incorporated some new stuff like fragmentation scanning and options that were on my "wish list" for other scanners.

Re:"Good question" answered in the article

[ngc5194]

I also remember something called "portscan" that was part of the FireWall Tool Kit (fwtk). If I recall correctly, I was using it as early as 1993. I don't recall by how much it predated my use.

Re: "Good question" answered in the article

Pscan was written in August 1994 as a bet. Someone came on irc asking for a portscanner and I said just write one, should take only 5 min. They didn't believe me and pscan was the result. Archaic compared to nmap, but it was before netcat and satan. Not sure about others, but there wasn't a lot floating around in 94.

Yes. Lots of earlier port scanners.

I was using port scanners from at least 1991, although I assume some existed before hand.

That said, omg, was nmap a great step forward.

--Q

netcat stdin | od

yeah baby

Yes, Yes there were port scanners before nmap

Satan, & later an early type of ids, known respectively as Satan & archangel.
http://ftp.porcupine.org/pub/s...

Rest in Peace Dan, you were fewked over by idiots & died way too soon.

Always one of the first things I install

[93+Escort+Wagon]

At first blush I t seems like nmap has such a narrow use case; but it's so bloody useful under lots of different circumstances.

Does anyone ever use the gui version though (zenmap)? I don't really see the point, except perhaps on Windows...

Re:Always one of the first things I install

I find it useful to quickly get a complex nmap command set up without having to read through the nmap man page.

omg

does anyone still uses the CHANGELOG file anymore?

nmap rock

[Cederic]

These days people use a mix of tools, but nmap remains useful and fantastic.

Re:nmap rock

[hcs_$reboot]

For those who don't know `nmap` it's convenient and easy to use.

Hail SATAN!

https://en.wikipedia.org/wiki/Security_Administrator_Tool_for_Analyzing_Networks

well done nmap!

You were great in the matrix!

*girly screams*

Was there as scanner before Nmap

Good question. Rather than as nswer it though, here's a bunch of other shit about nmap.

I thought it was funny that the slashdot article asked one question and answered a different one

Matrix?

[isham]

What, no mention of it's use by Trinity in Matrix 2?