Nmap, which stands for “Network Mapper,” is a free and open source tool for performing network mapping, port scanning, and vulnerability assessments. Although it was first released in 1997, Nmap continues to be the benchmark against which other commercial and open-source network scanning tools are evaluated.
The large number of developers and coders who help keep Nmap maintained and updated is a major factor in the tool’s continued success. Nmap is a free tool that is widely used, with thousands of downloads reported each week by the Nmap community.
Its open source nature and modifiability mean it can be adapted to function in a wide variety of specialized settings. Nmap is available in Windows, Mac, and Linux-specific versions, but it also works with less common or older OSes like Solaris, AIX, and AmigaOS. The code is downloadable in several different languages, including C, C++, Perl, and Python.
Nmap 7.90, released in October of 2020, was the most recent major update, and it introduced over 70 fixes and enhancements in addition to new features, improved performance, and a higher standard of code quality.
So, how does Nmap function?
Port scanning is fundamental to Nmap. Users create an inventory of targets on a network about which they wish to gather intelligence. Most administrators don’t have a full picture of everything that’s using the potentially thousands of ports on their network, so it’s helpful that users don’t have to identify specific targets. Instead, they gather a list of potential ports to probe.
It is also possible to perform a scan of all network ports, though this could take a long time and use up a lot of bandwidth. Furthermore, a port scan of this magnitude would likely set off security alarms, depending on the nature of the passive defenses currently deployed on the network. Most users therefore deploy Nmap in smaller increments or partition their networks into smaller sections for periodic scanning using Nmap.
Users can not only select which targets to scan, but also determine how thoroughly each target will be examined. For instance, a quick scan could tell you which ports are open and which are blocked by the firewall. More in-depth scans may also pick up details like the types of devices connecting to those ports, the operating systems they’re using, and the services that are currently running. Nmap can also find more in-depth details, such as the service version. That’s why it’s so useful for vulnerability assessment and supporting patch management initiatives.
In the past, scanning had to be controlled via console commands, which necessitated training. However, with the new Zenmap graphical interface, anyone, regardless of prior experience, can tell Nmap exactly what they want it to find. Experts can keep using the familiar console commands they’re used to, making this an effective tool for both experienced and inexperienced users.
When using Nmap, do you have to worry about security?
Although Nmap has been called the perfect hacking tool, some of its more in-depth scans require root access and privileges. Without proper authorization, an external attacker cannot simply point Nmap at a target network and expect to find exploitable flaws. Moreover, any defensive or network monitoring tools would likely issue a critical security alert in response to the attempt.
That’s not to say Nmap isn’t potentially harmful in the wrong hands; a rogue system administrator or someone with stolen credentials could use it to cause havoc. This was made clear in Oliver Stone’s 2016 film Snowden (another film that featured Nmap) about the alleged traitor Edward Snowden.
When will Nmap be updated again?
Nmap is a tool that has been around for 25 years, but it still keeps getting better. It is well maintained by an active community of experts who keep it relevant and up to date, much like other seemingly ancient technologies like Ethernet or Spanning Tree Protocol. And Nmap’s very active creator, who still uses the Fyodor moniker online, is a part of that community.
The new Zenmap tool is one example of an improvement that will appeal to those who prefer GUIs to the console or command lines. Zenmap’s graphical user interface (GUI) facilitates easy target setup and scan configuration with minimal effort. As a result, Nmap will be able to attract a wider audience.
Finally, many other tools today can perform similar functions, but they do not have Nmap's proven track record. Moreover, Nmap has always been available for free online download. For these reasons, it’s almost certain that Nmap will continue to be just as useful and relevant in the next 25 years as it has been for the past quarter century.