Nmap dev release 4.22SOC8 is out

Nmap ("Network Mapper") is a free open source utility for network exploration or security auditing. It was designed to rapidly scan large networks, although it works fine against single hosts. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. Nmap runs on most types of computers and both console and graphical versions are available. Nmap is free and open source (license).


  • Removed the old massping() system, since the functionality has now
    been migrated into the existing ultra_scan() system (which is used
    for port scanning too). Thanks to David for doing the migration,
    which involved a lot of work and testing. The new system is
    frequently faster and more accurate than massping(), and some of the
    new algorithms benefit port scans too.
  • Renamed Umit to Zenmap to reduce confusion between the version we
    ship with Nmap as the integrated GUI and the version maintained
    separately at umit.sourceforge.net. We are excited about Zenmap and
    expect to remove NmapFE in the near future
  • Integrated all of your Q3 service detection submissions! We have
    now surpassed 4500 signatures and are approaching 500 service
    protocols. Wow! Thanks to Doug for doing the integration. His
    notes on the crazy and interesting services discovered this quarter
    are at http://hcsw.org/blog.pl/31 .
  • Added a new ping type: IPProto Ping. Use -PO (that is the letter O
    as in prOtOcOl, not a zero). This is similar to protocol scan (-sO)
    in that it sends IP headers with different protocols in the hope of
    eliciting a response from targets. The default is to send with
    protocols 1 (ICMP), 2 (IGMP), and 4 (IP-in-IP tunnel), but you can
    specify different protocol numbers on the command line the same way
    you specify TCP/UDP ports to -PS or -PU. [Kris]
  • The SMTPcommands.nse script was updated to support the HELP query in addition to EHLO [Jason DePriest]
  • Added —ttl support for connect() scans (-sT). [Kris]
  • Combine the Zenmap setup scripts into one portable setup.py rather
    than having separate versions for Windows, Unix, and Mac OS X.
  • Removed a bunch of unnecessary/incomplete code and data files from
    Zenmap. [ David]
  • In Nbase, switched from GNU’s getopt() replacement functions to
    Ben Sittler’s BSD-licensed (but GNU compatible) functions. [Kris]
  • Include nmap.h in portreasons.h. This fixes a compilation problem
    reported on OpenBSD. [David]
  • Change PCRE from an NSELib module back to statically linked code due
    to OpenBSD compilation problems. See
    http://seclists.org/nmap-dev/2007/q4/0085.html [David]
  • Fix a problem with —reason printing the wrong host discovery
    reasons when ICMP destination unreachable packets arrived. [Kris]
  • Nmap has better dependency tracking now such that it no longer
    builds the executable every time you type ’make’. This was causing
    problems where ’make; sudo make install’ would create a root-owned
    nmap executable because it was rebuilt as part of ’make
    install’. [David]

Post scriptum

Compliance Mandates

  • Network Discovery :

    PCI DSS 11.2, SOX A13.3, GLBA 16CFR Part 314.4(c), HIPAA 164.308(a)(8), FISMA RA-5


Related Articles

Information Gathering
Network Discovery