Nmap 5.00 Released, With Many Improvements

iago-vL writes "The long-awaited Nmap Security Scanner version 5.00 was just released (download)! This marks the most important release since 1997, and is a huge step in Nmap's evolution from a simple port scanner to an all-around security and networking tool suite. Significant performance improvements were made, and dozens of scripts were added. For example, Nmap can now log into Windows and perform local checks (PDF), including Conficker detection. New tools included in 5.00 are Ncat, a modern reimplementation of Netcat (with IPv6, SSL, NAT traversal, port redirection, and more!), and Ndiff, for quickly comparing scan results. Other tools are in the works for future releases, but we're still waiting for them to add email and ftp clients so we can finally get off Emacs!"

Re:Bloat.

[Xiph]

When i read the summary, that's what i thought.

And to some extent, i think you might still be right.
What they've done isn't to build in Conficker detection and the like, but to enable scripting so you can extent nmap.
being able to write nmap scripts is nice, on the other hand, on the other hand, several other tools allow for scripting nmap, so i don't see the point in going the other way around it.

Re:Bloat.

[thefear]

So nmap went from a special purpose-built tool to a suite. Frack.

Step 1) Download the tarball
Step 2) Compile with '--without-ndiff --without-zenmap --without-liblua --without-ncat --without-openssl' for a classic Nmap experience
Step 3) Profit

Re:Bloat.

[Rycross]

Really? Everyone I know who uses Visual Studio .Net loves it, and I frequently hear comments, even on Slashdot, how its the "One thing that Microsoft got right." I certainly enjoy using it, and scratch my head when I come across the occasional (rare) comment that its "bloated and buggy."

Of course, using the words "bloated and buggy" has become the new "I don't like it, but don't want to give any specifics." So, yeah.

Re:Keep beating that horse

[insecuritiez]

Full Disclosure: I am a Nmap developer.

Despite your trollish tone, you're right that there isn't a ton of innovation coming out in just TCP port scanning. The 5.00 release has several scanning performance improvements but port scanning is still port scanning.

But as for innovation/enterprise features:

* OS Fingerprinting (second generation engine)
* Graphing (via the Zenmap front-end) of the network topology
* Service fingerprinting
* Script engine including
    * Windows SMB/CIFS/RPC scripts
    * Windows vulnerability detection scripts
    * SQL Injection scanning script
    * Telnet/HTTP/FTP/SMB brute force scripts
    * Conficker detection script
    * A lot more
* XML output for report generation and nice XLST file for conversion to HTML

If you want to see AI behind OS fingerprinting, then submit a patch. I'd recommend starting with a Support Vector Machine as that has shown the most promise in developer testing.

If you want to see a webapp front-end for scheduling of scans and report generation then start a project.

Nmap is an open source project and despite the release wording, does not believe in bloat. Nmap isn't Nessus and never will be. If you want a client/server architecture or webapp they will be separate tools.

I use Nmap in an enterprise environment to scan 3 /16 networks (all ports). Do you?

Re:Bloat.

[Freetardo Jones]

But then again, these are tools written by developers, for developers, not by developers for marketeers. Say what you will about Visual Studio .NET, but I can point you at scores of people that absolutely despise it, and not for the fact that it's closed source. It's terrible bug-infested bloatware, and everyone who has ever used it knows that. (That being said, there are those that are forced to use it, of ocurse).

I've used Visual Studio 2005, 2008 and 2010 and love them all and almost everyone else where I work loves it as well.

Re:Bloat.

[iago-vL]

As the original poster, and the author of a dozen or more Nmap scripts, I agree 100%. If you look at the tool itself, you'll see that everything is fairly separate and independent, even if they share a common codebase -- between the scripting and the "bonus" tools, the core is still fairly tight.

My comment at the end about the bloat + Emacs was intended 100% as humour, not actual commentary. I'm hoping nobody took it as a legitimate stab at Nmap, because it wasn't.

It is significantly faster

[peterthomas2009]

I have just added the latest version to HackerTarget.com [hackertarget.com].

Across the board I am seeing significant speed improvements over 4.85.

Congratulations to the developers this looks like another quality release. I am looking forward to testing some of the new features to determine what additional capabilities can be added to our online scanning.

* Full disclosure - I run HackerTarget.com *

netcat /email

[Anonymous Coward]

we're still waiting for them to add email and ftp clients

Fyodor added ncat, which means you've *already* got ftp and email support. Now I bet you're gonna complain that ftp & email are hard or something, when you have to hand type the bytes...