Nmap Security Scanner version 3.00 has been released

Thursday, 1 August 2002, 11:09 AM EST

Here is a list of the most important advantages of Nmap3 over 2.53

  • Added protocol scan (-sO), which determines what IP protocols (TCP, IGMP, GRE, UDP, ICMP, etc) are supported by a given host.
  • Nmap now recognizes more than 700 operating system versions and network devices (printers, webcams, routers, etc) thanks to thousands of contributions from the user community! Many operating systems were even recognized by Nmap prior to their official release. Nmap3 also recognizes 2148 port assignments, 451 SunRPC services, and 144 IP protocols.

  • Added Idlescan (-sI), which bounces the scan off a "zombie" machine. This can be used to bypass certain (poorly configured) firewalls and packet filters. In addition, this is the most stealthy Nmap scan mode, as no packets are sent to the target from your true IP address.

  • The base Nmap package now builds and functions under Windows! It is distributed in three forms: build-it-yourself source code, a simple command-line package, or along with a nice GUI interface (NmapWin) and a fancy installer.

  • Mac OS X is now supported, as well as the latest versions of Linux, OpenBSD, Solaris, FreeBSD, and most other UNIX platforms. Nmap has also been ported to several handheld devices.

  • XML output (-oX) is now available for smooth interoperability between Nmap and other tools.

  • Added ICMP Timestamp and Netmask ping types (-PP and -PM). These (especially timestamp) can be useful against some hosts that do not respond to normal ping (-PI) packets. Nmap still allows TCP "ping" as well.

  • Nmap can now detect the uptime of many hosts when the OS Scan option (-O) is used.

  • Several new tests have been added to make OS detection more accurate and provide more granular version information.

  • Removed 128.210.*.* addresses from Nmap man page examples due to complaints from Purdue security staff.

  • The --data_length option was added, allowing for longer probe packets. Among other uses, this defeats certain simplistic IDS signatures.

  • You can now specify distinct port UDP and TCP port numbers in a single scan command using a command like 'nmap -sSU -p U:53,111,137,T:21-25,80,139,515,6000,8080 target.com'.

  • Added mysterious, undocumented --scanflags and --fuzzy options.

  • Nmap now provides IPID as well as TCP ISN sequence predictability reports if you use -v and -O.

  • SYN scan is now the default scan type for privileged (root) users. This is usually offers greater performance while reducing network traffic.

  • Capitalized all references to God in error messages.

  • Added List scan (-sL) which enumerates targets without scanning them.

  • The Nmap "random IP" scanning mode is now smart enough to skip many unallocated netblocks.
  • Tons of more minor features, bugfixes, and portability enhancements.
As it also says in the press release regarding this release: "With this "stable" version out of the way, we plan to dive headfirst into the next development cycle. Many exciting features are in the queue, including IPv6 support, service fingerprinting, improved performance against heavily filtered hosts, and more!"

[ Read more ]

Related items


Harnessing artificial intelligence to build an army of virtual analysts

PatternEx, a startup that gathered a team of AI researcher from MIT CSAIL as well as security and distributed systems experts, is poised to shake up things in the user and entity behavior analytics market.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Thu, Feb 4th