ARTICLE Nmap v5.30 beta 1 in the wild - doped with scripts -

Tuesday 30 March 2010 - 891 read - ( Keywords : Network Discovery , Nmap , Penetration testing & Ethical Hacking )

Nmap ("Network Mapper") is a free open source utility for network exploration or security auditing. It was designed to rapidly scan large networks, although it works fine against single hosts. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. Nmap runs on most types of computers and both console and graphical versions are available. Nmap is free and open source (license).0

The main changes in this release is the 37 scripts added :

- afp-brute
- afp-path-vuln
- afp-showmount
- couchdb-databases
- couchdb-stats
- daap-get-library
- db2-das-info
- dns-service-discovery
- http-methods
- http-vmware-path-vuln
- ipidseq
- jdwp-version
- ldap-brute
- ldap-rootdse
- ldap-search
- lexmark-config
- mongodb-databases
- mongodb-info
- mysql-brute
- mysql-databases
- mysql-empty-password
- mysql-users
- mysql-variables
- nfs-acls
- nfs-dirlist
- nfs-statfs
- pgsql-brute
- qscan
- smtp-enum-users
- snmp-interfaces
- snmp-netstat
- snmp-processes
- snmp-win32-services
- snmp-win32-shares
- snmp-win32-software
- snmp-win32-users
- ssl-enum-ciphers

JPG - 64.5 kb

Changelog :

- [NSE] New script afp-path-vuln detects and can exploit a major Mac OS X AFP directory traversal vulnerability (CVE-2010-0533) discovered by Nmap developer Patrik Karlsson. See http://nmap.org/nsedoc/scripts/afp-path-vuln.html and http://bit.ly/nmapafp.

- An ALPHA TEST VERSION of Nping, a packet generator written by Luis MartinGarcia and Fyodor last summer, is now included in the Nmap distribution. While it works, we consider the application unfinished and we hope to improve it greatly as a Summer of Code project this summer and then do an official release. See http://nmap.org/nping/

More changelog


POSTSCRIPTUM

Download


COMPLIANCE MANDATES

Network Discovery : PCI DSS 11.2, SOX A13.3, GLBA 16CFR Part 314.4(c), HIPAA 164.308(a)(8), FISMA RA-5
Penetration testing & Ethical Hacking : PCI DSS 11.3, SOX A13.3, GLBA 16 CFR Part 314.4 (c), HIPAA 164.308(a)(8), FISMA RA-5, SI-2, ISO 27001/27002 12.6, 15.2.2


RELATED ARTICLES

Network Discovery, Nmap, Penetration testing & Ethical Hacking,

30 March 2010 : Nmap v5.30 beta 1 in the wild - doped with scripts -
20 January 2010 : Nmap v5.20 released
26 December 2009 : Nmap 5.10BETA2 released : Citrix scanning & xmas greetings
24 November 2009 : Nmap 5.10BETA1 released
16 July 2009 : Nmap & Zenmap v5.0 released