Nmap, short for Network Mapper, is a free, open source tool used to check for vulnerabilities, scan ports, and, of course, network mapping. Although established in 1997, Nmap remains the gold standard against which all other similar instruments are valued, whether commercial or open source.
Nmap has maintained its superiority due to the large community of developers and coders who help maintain and update it. The Nmap community reports that the tool that everyone you can get it for freeis downloaded several thousand times each week.
Due to its flexible open source database, it can be modified to work in most customized or highly specialized environments. There are distributions of Nmap specific to Windows, Mac and Linux environments, but Nmap also supports less popular or older operating systems such as Solaris, AIX or AmigaOS. The source code is available in C, C ++, Perl and Python.
The last major update was Nmap 7.90 in October 2020, which included more than 70 bug fixes and improvements, as well as various system build upgrades and code quality improvements.
What is Zenmap?
To deploy Nmap, users initially had to have some advanced programming skills, or at least know how to bypass console commands or non-graphical interfaces. This has changed recently with the introduction of Zenmap tool for Nmap, which adds a graphical interface that makes starting the program and analyzing the returned result it generates much more accessible.
Zenmap was created to allow beginners to use the tool. Like Nmap, Zenmap is free and the source code is open and accessible to anyone who wants to use or modify it.
Here are some of the features that Zenmap allows: Frequently used scans can be saved as profiles so that they can be easily performed multiple times. Command Creator allows interactive creation of Nmap command lines. The scan results can be saved and viewed later. Saved scan results can be compared with each other to see how they differ. And the results of recent scans can be stored in a searchable database.
How Nmap became a movie star
The tool was originally created using the C ++ computer language by Gordon Lyon. He released the instrument Phrack Magazine under the pseudonym Fyodor Vaskovich, which he created after reading Fyodor Dostoevsky’s book Notes from Underground. Although today everyone knows who Lyon is, he still uses the name Fyodor to identify his work in the Nmap community.
And it’s not just computer scientists and the IT community who consider Nmap a star. He is featured in popular culture, including books, TV shows and blockbuster movies. It is certain that no other instrument has had so many episodic appearances in major films.
Nmap is included in thriller films set in the modern world 8 of Ocean, Die hard 4 and The girl with the dragon tattoo. And although the tool is 25 years old, if Hollywood has it right, it will still be used in the future, even anti-utopian. This is because Nmap is also presented in The matrix is recharged, Dredd, the Fantastic Four and Elysium. He even has the dubious distinction of being prominent in the softcore series HaXXX or.
The Nmap-supported community of developers, as well as Lyon itself, has openly invited film directors and screenwriters to offer technical advice to help make films that include Nmap a little more realistic. They also keep active and constantly expanding filmography regarding the instrument.
One of the reasons Nmap has been featured in so many movies is its ability to uncover unknown information about computer networks, which means it’s a great tool for hackers. Ironically, it was created to help administrators map, protect, and defend their networks, but it’s powerful enough that bad guys can use it for intelligence to capture information about the networks they’re targeting. malicious activities.
How does Nmap work?
The heart of Nmap is port scanning. The way it works is that users define a list of network goals for which they want to learn information. Users do not have to identify specific targets, which is good because most administrators do not have a complete picture of everything that potentially uses the thousands of ports on their network. Instead, they compile a set of scan ports.
It is also possible to scan all network ports, although this will potentially take a long time and eat up a lot of available bandwidth. In addition, depending on the type of passive protections used in the network, such a massive port scan is likely to trigger security signals. As such, most people use Nmap in more limited deployments or split different parts of their network for scheduled scans over time.
In addition to setting the range targets to be scanned, users can also control the depth of each scan. For example, a light or limited scan can return information about which ports are open and which are closed by firewall settings. More detailed scans could further capture information about what devices use these ports, the operating systems that run, and even the services that are active on them. Nmap can also find deeper information, such as the version of these open services. This makes it an ideal tool for finding vulnerabilities or supporting correction management efforts.
Scan control is used to require console commands, which of course means that some training is required. But Zenmap’s new graphical interface makes it easy for almost anyone to tell Nmap what they want to discover, with or without formal training. Meanwhile, professionals can continue to use the console commands they always have, making it a useful tool for both experts and beginners.
Is Nmap a security risk?
Although it can be argued that Nmap is a perfect hacking tool, many of the deeper scanning activities require root access and privileges. Someone outside can’t just target Nmap to a target network they don’t have permission to access and magically discover vulnerabilities to exploit. Not only that, but experience is likely to trigger a critical security signal from any security or network monitoring tools.
This does not mean that Nmap could not be dangerous in the wrong hands, especially if it is deployed by a resident system administrator or someone using stolen credentials. This was demonstrated in Oliver Stone’s 2016 film Snowden (another film that includes Nmap) about the accused traitor Edward Snowden.
What does Nmap do?
When used properly, Nmap can be invaluable for both optimizing and protecting networks and information. All returned data sent back from ports scanned with Nmap is collected and observed by the program. Based on this information, there are several key activities that most people use the tool to help them achieve. They include:
Network mapping: This is the main reason why Nmap was created and remains one of the most popular uses. Called host detection, Nmap will identify the types of devices that actively use scanned ports. This includes servers, routers, switches and other devices. Users can also see how these devices are connected and how they connect together to form a network card.
Discover port rules: Nmap can easily tell, even when scanning at a low level, whether a port is open or closed by something like a firewall. In fact, many IT professionals use Nmap to test their work when programming firewalls. They can see if their policies are having the desired effect and if their firewalls are working properly.
Shadow hunting: Because Nmap detects the type and location of devices on the network, it can be used to identify things that shouldn’t be there at all. These devices are called shadow IT because their presence on the network is not officially allowed or can sometimes be intentionally hidden. Shadow IT can be dangerous because such devices are not part of an audit or security program. For example, if someone secretly puts an Xbox game server on a corporate network, it will not only deplete the bandwidth, but can serve as a springboard for an attack, especially if not supported by all the latest security fixes.
Opening the operating system: Nmap can detect the types of operating systems running on open devices in a process called OS footprint. This usually returns information about the name of the device vendor (Dell, HP, etc.) and the operating system. With a more in-depth scan of Nmap, you can even find things like the operating system’s correction level and the device’s expected runtime.
Service opening: The ability to discover services elevates Nmap above the level of a simple mapping tool. Instead of just discovering that a device exists, users can run a more in-depth scan to find out what roles open devices play. This includes identifying whether they act as a mail server, web server, database storage, storage device, or almost anything else. Depending on the scan, Nmap can also report which specific applications are running and what version of those applications is being used.
Vulnerability scanning: Nmap is not a special vulnerability scan tool, as it does not support a database of known vulnerabilities or any type of artificial intelligence that could identify potential threats. However, organizations that regularly ingest security information from emissions threats or other sources can use Nmap to test their sensitivity to specific threats.
For example, if a newly discovered vulnerability only affects a specific application or service running an earlier version of the software, Nmap can be used to verify that a program currently running network assets meets those conditions. If something is found, then it is likely that IT teams could prioritize that these systems be fixed as quickly as possible to eliminate the vulnerability before the attacker can detect the same thing.
What is the future of Nmap?
Although the Nmap tool is 25 years old, it is still evolving. Like other seemingly ancient technologies such as Ethernet or Spanning Tree, it is well maintained by an active community of experts who keep it up to date. And in the case of Nmap, this community includes its very active creator, who still works online under his Fyodor mask.
Other enhancements such as the new Zenmap tool make it even more useful, especially for those who don’t like working with consoles or command lines. The Zenmap graphical interface allows users to quickly set goals and configure desired scans with just a few clicks. This will help Nmap find an even bigger user base.
Finally, although there are many other tools today that can perform similar functions, none of them have proven Nmap experience. Not only that, but Nmap has always been completely free as well ready to download. Due to all these factors, it is almost certain that Nmap will be as useful and relevant in the next 25 years as it has been in the last quarter of a century.
Copyright © 2022 IDG Communications, Inc.