Nmap 4.01 Released – New Features


Nmap (“Network Mapper”) is a free open source utility for network exploration or security auditing. It was designed to rapidly scan large networks, although it works fine against single hosts. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. Nmap runs on most types of computers and both console and graphical versions are available. Nmap is free and open source.

Things that we consider userful in the extensive announcement are:

  • Added the ability for Nmap to send and properly route raw ethernet frames containing IP datagrams rather than always sending the packets via raw sockets. This is particularly useful for Windows, since Microsoft has disabled raw socket support in XP. Nmap tries to choose the best method at runtime based on platform, though you can override it with the new –send-eth and –send-ip options.
  • Added ARP scanning (-PR). Nmap can now send raw ethernet ARP requests to determine whether hosts on a LAN are up, rather than relying on higher-level IP packets (which can only be sent after a successful ARP request and reply anyway). This is much faster and more reliable (not subject to IP-level firewalling) than IP-based probes. It is now used automatically for any hosts that are detected to be on a local ethernet network, unless –send-ip was specified.
  • Overhauled UDP scan. Ports that don’t respond are now classified as “open|filtered” (open or filtered) rather than “open”. The (somewhat rare) ports that actually respond with a UDP packet to the empty probe are considered open. If version detection is requested, it will be performed on open|filtered ports. Any that respond to any of the UDP probes will have their status changed to open. This avoids the false-positive problem where filtered UDP ports appear to be open, leading to terrified newbies thinking their machine is infected by back orifice.
  • Integrated tons of new OS detection fingerprints. The database grew more than 50% from 1,121 to 1,684 fingerprints. Notable additions include Mac OS X 10.4 (Tiger), OpenBSD 3.7, FreeBSD 5.4, Windows Server 2003 SP1, Sony AIBO (along with a new “robotic pet” device type category), the latest Linux 2.6 kernels, Cisco routers with IOS 12.4, a ton of VoIP devices, Tru64 UNIX 5.1B, new Fortinet firewalls, AIX 5.3, NetBSD 2.0, Nokia IPSO 3.8.X, and Solaris 10. Of course there are also tons of new broadband routers, printers, WAPs and pretty much any other device you can coax an ethernet cable (or wireless card) into!

There is also a completely new man page, you can view it online too.

Fyodor has also given an interview on the release on Nmap 4.

Posted in: Hacking Tools, Networking Hacking, Security Software

, , , ,


Latest Posts:


LambdaGuard - AWS Lambda Serverless Security Scanner LambdaGuard – AWS Lambda Serverless Security Scanner
LambdaGuard is a tool which allows you to visualise and audit the security of your serverless assets, an open-source AWS Lambda Serverless Security Scanner.
exe2powershell - Convert EXE to BAT Files exe2powershell – Convert EXE to BAT Files
exe2powershell is used to convert EXE to BAT files, the previously well known tool for this was exe2bat, this is a version for modern Windows.
HiddenWall - Create Hidden Kernel Modules HiddenWall – Create Hidden Kernel Modules
HiddenWall is a Linux kernel module generator used to create hidden kernel modules to protect your server from attackers.
Anteater - CI/CD Security Gate Check Framework Anteater – CI/CD Security Gate Check Framework
Anteater is a CI/CD Security Gate Check Framework to prevent the unwanted merging of filenames, binaries, deprecated functions, staging variables and more.
Stardox - Github Stargazers Information Gathering Tool Stardox – Github Stargazers Information Gathering Tool
Stardox is a Python-based GitHub stargazers information gathering tool, it scrapes Github for information and displays them in a list tree view.
ZigDiggity - ZigBee Hacking Toolkit ZigDiggity – ZigBee Hacking Toolkit
ZigDiggity a ZigBee Hacking Toolkit is a Python-based IoT (Internet of Things) penetration testing framework targeting the ZigBee smart home protocol.


One Response to Nmap 4.01 Released – New Features

  1. Ho0ber February 15, 2006 at 12:41 pm #

    Great overview of the new features! Of course you can’t forget to mention the nice stuff like being able to interact with nmap once it is running. You can press enter to get a time estimate, and v to go into verbose mode.

    Its a really nice update to a program I already love.

    Oh, and welcome back – the site looks snappy. :)