Henry Dalziel | General Hacking Posts, Hacker Hotshots, Latest InfoSec News, Pentesting Tools, Product Reviews | August 23, 2013
We love nmap. Who doesn’t? Literally, nmap is discussed in virtually every Hacker Hotshot web show that we host, since it is an extremely versatile tool.
Update: we are no longer offering nmap training but we do have an nmap resources page here.
We’ve been offering nmap training for a while now and like many other people, believe that an understanding of network mapping is, of course, vital to a penetration tester or security professional. This post is to outline a few changes in the latest version of nmap (version 6.40) which was released a few days ago (August 20th 2013).
What’s new in nmap 6.40?
Aside from the usual repertoire of bug fixes and a boost to performance there are five main changes, or rather developments. These are:
NSE stands for the Nmap Scripting Engine, which essentially allows users to write simple scripts that automate tasks. The scripts users write then run within the nmap framework, which is noted for its speed and reliability.
NSE scripts usually assist with network discovery, vulnerability detection and exploitation, and backdoor detection. The backdoor detection is a particularly interesting feature, since hackers often place scripts to leave a backdoor within a web application for later re-access. Nmap can detect some of these instances. If you are reading this and have an interest in detecting malware and backdoors on your website then you ought to watch our “Uncovering Malware in Your Website” with Jason Kent (September 12th). Our Concise Courses Hacker Hotshot web show with Jason is going to be a particularly helpful, practical and educational event on this subject matter, so boot up your nmap scripts and come join us!
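To show what a simple NSE script of the kind described above looks like, here is an added example (written for this post, not a script shipped with nmap 6.40). It assumes only the standard NSE libraries (shortport, http) and inventories which common browser hardening headers a web service on your own hosts is missing, which is a quick way to gauge exposure.

```lua
-- Added example NSE script; not part of the nmap distribution.
-- Assumes the standard NSE libraries: shortport and http.
local http = require "http"
local shortport = require "shortport"

description = [[
Requests / from an HTTP service and reports which common browser
hardening headers are absent, as a quick exposure inventory for
hosts you administer.
]]

author = "example (constructed for this post)"
license = "Same as Nmap--See https://nmap.org/book/man-legal.html"
categories = {"safe", "discovery"}

-- Run only against ports nmap has identified as HTTP or HTTPS.
portrule = shortport.http

-- Headers a hardened web application is expected to send.
-- Note: Strict-Transport-Security is only meaningful over HTTPS.
local EXPECTED = {
  "strict-transport-security",
  "content-security-policy",
  "x-frame-options",
  "x-content-type-options",
}

action = function(host, port)
  local resp = http.get(host, port, "/")
  if not resp or not resp.status then
    return nil  -- no usable HTTP response; report nothing
  end

  local missing = {}
  for _, name in ipairs(EXPECTED) do
    -- the NSE http library stores header names in lowercase
    if not resp.header[name] then
      missing[#missing + 1] = name
    end
  end

  if #missing == 0 then
    return "All expected hardening headers present"
  end
  return "Missing headers: " .. table.concat(missing, ", ")
end
```

Save it under nmap's scripts directory and invoke it with `--script` against a host you are authorised to assess; nmap prints the script's return string under each matching port.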
The addition of further OS detection signatures is another key component of this newly updated nmap version. Nmap can sniff out OS- and service-level fingerprints, which is helpful to the penetration tester since it allows him or her to understand the types of hosts connected to the network and, importantly, their level of exposure, and therefore to recommend possible patches.
The further refinement of Netcat within nmap will be very welcome for many. Netcat is often referred to as the “Swiss-army knife for TCP/IP” because it can perform a variety of useful tasks like grabbing banners and helping out with understanding sockets.
Let us know how much you use nmap at work or for research; we’d love to hear from you. In fact, the timing of the newly updated nmap is interesting in light of the clever folks at the University of Michigan who developed ZMap, a scanning program very similar to nmap that was able to scan every IPv4 address on the Internet within 44 minutes! This is a staggering achievement considering that the EFF took 2-3 months to achieve the same task using nmap back in 2010.
Please remember as well that if you feel you might need some nmap training, or that you might need to brush up your skills and learn these latest additions to this popular scanning and network analysis tool, then sign up for our popular nmap training course!