From Seo Wiki - Search Engine Optimization and Programming Languages
scan results of an Nmap scan
|Original author(s)||Gordon Lyon (Fyodor)|
|Initial release||September, 1997|
|Stable release||5.21 / January 27, 2010|
|Written in||C, C++, Python, Lua|
|Type||computer security, network management|
|License||GNU General Public License|
Nmap is a security scanner originally written by Gordon Lyon (also known by his pseudonym Fyodor Vaskovich). Nmap is a "Network Mapper", used to discover computers and services on a computer network, thus creating a "map" of the network. Just like many simple port scanners, Nmap is capable of discovering passive services on a network despite the fact that such services aren't advertising themselves with a service discovery protocol. In addition Nmap may be able to determine various details about the remote computers. These include operating system, device type, uptime, software product used to run a service, exact version number of that product, presence of some firewall techniques and, on a local area network, even vendor of the remote network card.
Nmap features include:
- Host Discovery - Identifying computers on a network, for example listing the computers which respond to pings, or which have a particular port open
- Port Scanning - Enumerating the open ports on one or more target computers
- Version Detection - Interrogating listening network services listening on remote computers to determine the application name and version number
- OS Detection - Remotely determining the operating system and some hardware characteristics of network devices.
Typical uses of Nmap:
- Auditing the security of a computer, by identifying the network connections which can be made to it
- Identifying open ports on a target computer in preparation for auditing
- Network inventory, Network mapping, maintenance, and asset management
- Auditing the security of a network, by identifying unexpected new servers.
NmapFE, originally written by Zach Smith, was Nmap's official GUI for Nmap versions 2.2 to 4.22. For Nmap 4.50 (originally in the 4.22SOC development series) NmapFE was replaced with Zenmap, a new graphical user interface based on UMIT, developed by Adriano Monteiro Marques.
Zenmap, showing results for a port scan against Wikipedia
NmapFE, showing results for a port scan against Wikipedia
XNmap, a Mac OS X GUI.
Modules and libraries utilizing Nmap
Nmap was first published in September 1997, as an article in Phrack Magazine with source-code included. Further development included better algorithms for determining which services were running, code rewrites (C to C++), additional scan types and protocol support (e.g. IPv6, SCTP). Nmap reached version 4.0 in January 2006 and version 4.5 in December 2007. Version 5.0 came out in July 2009. Changes in each release are recorded in the Nmap Changelog.
Nmap is used to discover computers and services on a computer network, thus creating a “map” of the network. Just like many simple port scanners, Nmap is capable of discovering passive services on a network despite the fact that such services aren’t advertising themselves with a service discovery protocol. In addition Nmap may be able to determine various details about the remote computers. These include operating system, device type, uptime, software product used to run a service, exact version number of that product, presence of some firewall techniques and, on a local area network, even vendor of the remote network card.
Ethical issues and legality
Like most tools used in computer security, Nmap can be used for black hat hacking, or attempting to gain unauthorized access to computer systems. It would typically be used to discover open ports which are likely to be running vulnerable services, in preparation for attacking those services with another program.
System administrators often use Nmap to search for unauthorized servers on their network, or for computers which don't meet the organization's minimum level of security.
Nmap is often confused with host vulnerability assessment tools such as Nessus, which go further in their exploration of a target by testing for common vulnerabilities in the open ports found.
In some jurisdictions, unauthorized port scanning may be illegal.
Nmap in popular culture
In The Matrix Reloaded, Trinity is seen using Nmap to access a power plant's computer system, allowing Neo to physically break in to a building. The appearance of Nmap in the film was widely discussed on internet forums and hailed as an unusually realistic example of hacking compared to other movies.
Nmap and NmapFE were used in The Listening, a 2006 movie about a former NSA officer who defects and mounts a clandestine counter-listening station high in the Italian alps.
- ↑ Nmap Introduction - Phrack 51, Article 11
- ↑ Service and Application Version Detection
- ↑ SCTP Support for Nmap
- ↑ Nmap Changelog
- ↑ "10 Best Hacking and Security Software Tools for Linux, Sept 23 2008". http://blogs.iium.edu.my/jaiz/2008/09/23/10-best-hacking-and-security-software-tools-for-linux/.
- ↑ Hacking tool reportedly draws FBI subpoenas
- ↑ SANS Institute - Intrusion Detection FAQ: What is AMap and how does it fingerprint applications?
- ↑ Search | Gizmo's Tech Support Alert
- ↑ 9.0 9.1 "nmap in the movies". http://nmap.org/movies.html.
- ↑ Kevin Poulsen (2003-05-16). "Matrix Sequel Has Hacker Cred". The Register. http://www.theregister.co.uk/2003/05/16/matrix_sequel_has_hacker_cred/.
- Fyodor Lyon, Gordon (January 1, 2009), Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning, Nmap Project, pp. 468, ISBN 0979958717, http://nmap.org/book/