A new version of Nmap, a hugely important open source security tool used for network mapping and port scanning, exploded onto the scene last month, giving network security staff and others who use it an early Christmas present.
No obscure open source tool, Nmap has been featured in more than a dozen movies, including “The Matrix Reloaded,” “Fantastic Four” and “Bourne Ultimatum.”
Why You Should Use Nmap
Nmap is the de facto standard network mapping and port scanning tool. Widely used by network security staff and penetration testers, the open source tool is popular with malicious hackers too. One of the first things a hacker is likely to do after gaining access to your network is reconnaissance, performed with a network scan using Nmap.
This way the hacker can build a picture of your network topology: which machines are connected, which operating systems and versions they run, which ports are open, and what vulnerabilities might therefore be present.
Scanning your own network with Nmap therefore reveals what a hacker would discover, and lets you spot:
- any unauthorized devices connected to your network
- any devices with open ports that should not be open
- any users that are running unauthorized services, either intentionally or without their knowledge
The Nmap Scripting Engine (NSE) built into Nmap can also run scripts that check for well-known vulnerabilities, so you can find them in your own infrastructure before a hacker does.
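Scanning your own network only pays off if the results are compared with what is supposed to be there. The following is an added example, not code from the Nmap project or from the original article: it takes Nmap's grepable output (the -oG format), checks it against an inventory of authorized hosts and a policy of allowed open ports, and reports the three things the list above describes. The scan output, addresses, services and inventory are constructed for the example; on a real network the scan itself (for instance `nmap -sV -oG scan.gnmap 192.168.1.0/24`) would produce the input.

```shell
#!/bin/sh
# Added example, not code from the Nmap project or the original article.
# Audits Nmap grepable output (-oG) against an inventory of authorized
# hosts and allowed open ports. On a live network the scan comes first:
#   nmap -sV -oG scan.gnmap 192.168.1.0/24
# To run offline, a constructed scan.gnmap-style sample is embedded below;
# the addresses, ports, services and inventory are all assumptions.

# Constructed sample of -oG output (real output separates fields with tabs;
# the parser below accepts tabs or spaces).
SAMPLE_SCAN='# Nmap 7.00 scan initiated as: nmap -sV -oG - 192.168.1.0/24
Host: 192.168.1.1 ()  Status: Up
Host: 192.168.1.1 ()  Ports: 22/open/tcp//ssh//OpenSSH 7.1/, 443/open/tcp//http//nginx/  Ignored State: closed (998)
Host: 192.168.1.20 () Status: Up
Host: 192.168.1.20 () Ports: 445/open/tcp//microsoft-ds///, 3389/open/tcp//ms-wbt-server///  Ignored State: filtered (998)
Host: 192.168.1.77 () Status: Up
Host: 192.168.1.77 () Ports: 23/open/tcp//telnet///  Ignored State: closed (999)
# Nmap done -- 256 IP addresses (3 hosts up) scanned'

# Assumed inventory: hosts that are allowed to exist on this subnet.
AUTHORIZED_HOSTS='192.168.1.1
192.168.1.20'

# Assumed policy: "ip port" pairs that are allowed to be open.
ALLOWED_PORTS='192.168.1.1 22
192.168.1.1 443
192.168.1.20 445'

# Read -oG output on stdin; print "ip port proto service" for every open port.
# Each Ports: entry has the form port/state/proto/owner/service/rpc/version/.
open_ports() {
  awk '/^Host:/ && /Ports:/ {
    ip = $2
    s = $0
    sub(/^.*Ports: /, "", s)
    sub(/[ \t]*Ignored State:.*$/, "", s)
    n = split(s, entry, ", ")
    for (i = 1; i <= n; i++) {
      split(entry[i], f, "/")
      if (f[2] == "open") print ip, f[1], f[3], f[5]
    }
  }'
}

# Hosts that answered the scan but are not in the authorized inventory
# (first check above: unauthorized devices on the network).
unauthorized_hosts() {
  scan=$1
  allowed=$2
  printf '%s\n' "$scan" | awk '/^Host:/ && /Status: Up/ { print $2 }' | sort -u |
    while read -r ip; do
      printf '%s\n' "$allowed" | grep -qxF "$ip" || echo "$ip"
    done
}

# Open "ip port service" triples not covered by the allowed-ports policy
# (second and third checks above: ports that should not be open, and
# services nobody sanctioned).
unexpected_open_ports() {
  scan=$1
  policy=$2
  printf '%s\n' "$scan" | open_ports |
    while read -r ip port proto service; do
      printf '%s\n' "$policy" | grep -qxF "$ip $port" || echo "$ip $port $service"
    done
}

echo "Hosts not in inventory:"
unauthorized_hosts "$SAMPLE_SCAN" "$AUTHORIZED_HOSTS"
echo "Open ports not in policy:"
unexpected_open_ports "$SAMPLE_SCAN" "$ALLOWED_PORTS"
```

With the sample above the script flags 192.168.1.77 as an unknown host, and 3389 on 192.168.1.20 and 23 on 192.168.1.77 as open ports outside the policy. Nmap's own documentation marks grepable output as deprecated in favour of XML (-oX), so anything more elaborate than this awk pass is better built on the XML output.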
Nmap 7.00 has been three-and-a-half years in development, with the enthusiastic support of the open source community, and is the result of nearly 3,200 code commits. Here are the top five new features:
Nmap 7.00’s Improved NSE Functionality
The Nmap Scripting Engine has gained 171 new scripts and 20 libraries since Nmap 6. Examples include firewall-bypass, supermicro-ipmi-conf, oracle-brute-stealth and ssl-heartbleed. NSE is now powerful enough that scripts take on core functions such as host discovery (dns-ip6-arpa-scan), version detection (ike-version, snmp-info) and remote procedure call (RPC) service fingerprinting (rpc-grind).
Better IPv6 Support
IPv6 has a vastly larger address space than IPv4, which makes comprehensive network scanning harder – but not impossible. IPv6 scanning improvements were introduced in Nmap 6, but Nmap 7 now offers full IPv6 support for CIDR-style address ranges, Idle Scan, parallel reverse-DNS and more NSE script coverage.
Faster Scans
New Nsock engines give a performance boost on Windows and BSD systems, target reordering avoids a nasty edge case on multi-homed systems, and NSE tweaks make version detection scans (-sV) much faster.
Better TLS/SSL Scanning
The ssl-enum-ciphers script has been entirely revamped to perform fast analysis of TLS deployment problems, and version scanning probes have been tweaked to detect the newest TLS handshake versions quickly.
New OS Support
Nmap 7.00 runs cleanly on Windows 10 (and in fact all the way back to Windows XP) and on OS X 10.11 El Capitan, and it also brings updated support for Solaris and AIX.