Nmap

From Free net encyclopedia

{{Infobox Software | name = Nmap | screenshot = Image:Nmap screenshot.png | caption = | developer = Fyodor | latest_release_version = 4.01 | latest_release_date = February 2006 | platform = CLI | genre = Computer security, Network management | license = GNU General Public License | website = http://insecure.org/ }}

Nmap is a Free Software port scanner written by Fyodor. It is used to evaluate the security of computers, and to discover services or servers on a computer network.

Contents

[edit]

Features

Nmap features include:

Typical uses of Nmap:

  • Listing the services available on a server
  • Auditing the security of a computer, by identifying the network connections which can be made to it [1]
  • Identifying open ports on a target computer in preparation for hacking it [2]
  • Identifying computers on a network, for example listing the computers which respond to pings, or which have a particular port open
  • Auditing the security of a network, by identifying unexpected new servers [3]
  • General network maintenance and computer security
[edit]

Platforms

Nmap runs on Unix-like systems, Microsoft Windows, Mac OS X, and AmigaOS. [4]. It can also be installed on one computer, and controlled from another [5].

[edit]

Graphical interfaces

Image:Nmapfe screenshot.png

The main GUI frontend is nmapfe, originally written by Zach Smith, and integrated into Nmap since version 2.2 [6]

Various web-based interfaces are available, allowing Nmap to be controlled using a web browser, for example LOCALSCAN [7] and nmap-web [8]

NMapWin [9] is the Microsoft Windows GUI interface for Nmap, being derived from the nmapfe program

[edit]

History

Nmap was first published in September 1997, as an article in Phrack Magazine with source-code included [10]

Further development included better algorithms for determining which services were running [11], code rewrites (C to [[C++]]), additional types of scans and protocol support (e.g. IPv6)

Nmap reached version 3.5 in February 2004, and version 4.0 in January 2006, with various improvements [12] [13]

[edit]

Controversy

Like most tools used in computer security, Nmap can be used for Black hat hacking [14], or attempting to gain unauthorised access to computer systems. It would typically be used to discover open ports which are likely to be running vulnerable services, in preparation for attacking those services with another program [15]. An example of this use is fictionalised in The Matrix, noted below.

System administrators can use Nmap to search for unauthorized servers on their network, or for computers which don't meet the organisation's minimum level of security [16]. (Note that Nmap alone will only give a basic indication of a computer's vulnerability, and is normally used in conjunction with other tools and tests)

Nmap is often confused with host vulnerability assessment tools such as Nessus, which go further in their exploration of a target by testing for common vulnerabilities in the open ports found.

[edit]

Nmap in popular culture

In The Matrix Reloaded, Trinity is seen using Nmap to access a power plant's computer system [17], allowing Neo to physically break-in to the building.

The appearance of Nmap was widely discussed on internet forums [18], and hailed as an unusually realistic example of hacking compared to other movies [19]. It is thought that Trinity used the CRC32 exploit [20] (discovered in 2001) to gain entry, once Nmap revealed the existence of an SSH service [21].


Some Nmap source code can be seen in movie Battle Royale [22].

[edit]

Documentation and papers

[edit]

See Also

  • Port scanner for explanation on the basic concepts and a list of other port scanning tools.
[edit]

External links

es:Nmap fr:Nmap it:Nmap nl:Nmap pl:Nmap pt:Nmap ru:Nmap zh:Nmap

Retrieved from "http://www.netipedia.com/index.php/Nmap"