Nmap 4.22SOC1 available

In: Network Discovery , Nmap , Security Solutions

13 July 2007

Nmap ("Network Mapper") is a free open source utility for network exploration or security auditing. It was designed to rapidly scan large networks, although it works fine against single hosts. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. Nmap runs on most types of computers and both console and graphical versions are available. Nmap is free and open source (license).

The UMIT graphical Nmap frontend is now included (as an ALPHA TEST
release) with the Nmap tarball distribution. It isn’t yet in the
RPMs or the Windows distributions. UMIT is written with Python/GTK
and has many huge advantages over NmapFE. It installs from the Nmap
source tarballs as part of the "make install" process unless you
specify —without-umit to configure. Please give UMIT a try (the
executable is named umit) and let us know the results! We hope to
include UMIT in the Windows Nmap distributions soon.

The port selection mechanism was overhauled. Nmap now knows
(roughly) how common various services are, so you can specify
options such as —top-ports 50 to scan the 50 most popular ports.
You can also use the new —port-ratio option to scan ports above a
given popularity level. You can also now give the -p option service
names (such as ’http’) and wildcards (such as http* to include
services such as https and http-mgmt). There is also a bracket ([])
operator for scanning all known ports within a given range. All
these changes, by Doug Hoyte, are described at
http://seclists.org/nmap-dev/2007/q2/0224.html .

Added more Nmap Scripting Engine scripts, bringing the total to 31.
The new ones are bruteTelnet (Eddie Bell), SMTPcommands (Jason
DePriest), iax2Detect (Jason), nbstat (Brandon Enright),
SNMPsysdescr (Thomas Buchanan), HTTPAuth (Thomas), finger (Eddie),
ircServerInfo (Doug Hoyte), and MSSQLm (Thomas Buchanan).

Added the —reason option which explains WHY Nmap assigned a port
status. For example, a port could be listed as "filtered" because
no response was received, or because an ICMP network unreachable
message was received. [ Eddie ]

Integrated all of your 2nd generation OS detection submissions,
increasing the database size by 68% since 4.21ALPHA4 to 699
fingerprints. The 2nd generation database is now nearly half (42%)
the size of the original. Please keep those submissions coming so
that we can do another integration round before the SoC program ends
on August 20! Thanks to David Fifield for doing most of the
integration work!

Full changelog here.

Post scriptum

Download Version 4.22SOC1

Compliance Mandates

Network Discovery :
PCI DSS 11.2, SOX A13.3, GLBA 16CFR Part 314.4(c), HIPAA 164.308(a)(8), FISMA RA-5

Network Discovery	12 May 2010 : Complemento v0.7.6 - Collection of Tools 10 April 2010 : Scapy v2.1.1 in the wild 30 March 2010 : pwnat tool v0.2-beta released 30 March 2010 : Nmap v5.30 beta 1 in the wild - doped with scripts - 27 March 2010 : pwnat tool v0.1-beta bypassing NAT
Nmap	20 January 2010 : Nmap v5.20 released 26 December 2009 : Nmap 5.10BETA2 released : Citrix scanning & xmas greetings 24 November 2009 : Nmap 5.10BETA1 released 16 July 2009 : Nmap & Zenmap v5.0 released 31 January 2009 : Nmap development v4.85beta2 released
Security Solutions	1 May 2010 : Spiceworks v4.7 build 50667 released 9 April 2010 : Secured Qubes OS Initial public release 16 December 2009 : Ninja v0.1.3 - privilege escalation detection and prevention 3 December 2009 : GreenSQL-FW v1.2.0 released 16 November 2009 : Offensive-Security released its Exploit Database

Nmap 4.22SOC1 available

Post scriptum

Compliance Mandates

Related Articles

Follow us

Like us !

Most Read

Advertising

License

Categories

COMPANY

STANDARDS

RECENT POSTS

MENU