LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Advisory Watch: November 21st, 2014
Linux Security Week: November 17th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Open Source Tool of February: Nmap! Print E-mail
User Rating:      How can I rate this item?
Posted by Ryan Berens   
Features This February, the team at Linuxsecurity.com has chosen NMAP as the Open Source Security Tool of the Month!

In January, we chose GnuPG in part because it had just celebrated its 10th anniversary. Well, it wasn't alone. As of this past December Nmap ("Network Mapper"), the free and open source utility for network exploration and auditing, celebrated its 10th Anniversary as well! And because of its popularity, chances are very good that you've already used NMAP for quite some time. Even if you have, it's always good to take a look at how it all got started and what it's all about...
What has really made NMAP such a staple of network security configuration is that its capability was the result such a strong communal need. As is the case with so many open source projects, NMAP followed a path that really mimics "necessity is the mother of invention."

As huge networks began to take shape, as the Internet took its hold within businesses and schools, and as users everywhere started to understand and protect their network, a similar story kept popping up: 'I need to know the information is passing between my network and the Internet and I have to track X ports on X machines to do it.' So how many is X? A number that screams "I need something heavy-duty and automated."

And so it was in 1997, while fulfilling the role of TA at Johns Hopkins University, that its creator Fyodor was presented with a dorm room, access to a large network and some insufficient tools. Some of them did one job. Some did another. And yet, even after modifications, none of them (Strobe, Reflscan or UDP) really seemed to do what was needed. So, during the summer of that year he hacked together a robust scanning tool and that September, the first official version of NMAP was released. It was gloriously received by users around the world; which, by community standards, equates to a huge influx of bug fixes, ideas and suggestions on how you should take your code and start again.  (Of course, this is what the community is all about people coming together to make things better).

(Visit Searchsecurity.com for a recent interview Fyodor did regarding the anniversary).

As a result, NMAP has grown to become the equivalent of a hammer in the tool belt of the average administrator and developer. So we can't say enough about the utility of this tool and what's more, how much it has evolved from just a simple port scanner.

Its capability has grown to provide not only scanning for active and passive services on a variety of hosts but can now define the type of OS, device type, uptime, software product used to run a service, exact version number of the product, presence of firewall techniques and even the vendor of the remote network(LAN). It's also been written for use on nearly every operating system including Linux, Windows, Mac, Free/Open BSD, Solaris and many others.

Some of the newest enhancements for version 4.5 also include a new traceroute feature, a new OS fingerprinting engine, the addition of the ZeNmap GUI, the new port disposition explanations, a new scripting engine and a whole lot more. If you're curious, here's a very useful video tutorial of NMAP, so if you want to learn more, check it out:

Nmap V.4.5 Video Overview
For the month of February, make sure to look out for howto's and articles on other great resources on one of the open source community's most useful security tools: Nmap!

Read this full article

Only registered users can write comments.
Please login or register.

Powered by AkoComment!

 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Google Removes SSLv3 Fallback Support From Chrome
Hacker Lexicon: What Is End-to-End Encryption?
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.