Nearly three years after the last major release of Nmap, version 6.0 of the open source network scanner has been released. Nmap is a popular utility for scanning and mapping network ranges to extract information about the systems attached to the network and the network's topology. In version 6.0, the developers have added full IPv6 support while enhancing Nmap's scripting engine, web scanning, mapping GUI and scanning performance, while also introducing a new tool called Nping.

Nmap has had basic IPv6 support since 2002, but with the IPv4 address exhaustion, the Nmap developers spent some months ensuring that Nmap had full IPv6 support, complete with a new IPv6 OS detection system, host discovery and raw packet port scanning.

The Nmap Scripting Engine (NSE) system for automating networking tasks with Lua scripts has, say the developers, "exploded in popularity and capabilities". The number of bundled NSE scripts has grown from 59 to 348, including 44 new protocol information query scripts for information gathering from, for example Hadoop, Bitcoin and VNC, and 27 scripts for adding new targets to the scanning queue.

The web scanning capabilities in Nmap have been enhanced with the addition of new techniques for performing various HTTP tasks including brute force authentication cracking and web site spidering. There are now 54 scripts for scanning web servers, up from just 6; ranging from grabbing the title or favicon of the root page of a server to retrieving SSL certificates. The underlying HTTP library now supports pipelining and caches responses (to avoid multiple requests when a number of scripts are running).



The network topology mapper in Zenmap

Source: Nmap Nmap 6.0 also includes a new command-line interface tool for network packet generation, response analysis and response time measurement called "Nping" that can generate network packets. Nping is a multipurpose tool; it can be used as a simple ping utility to detect active hosts or as a raw packet generator for network stack stress testing, ARP poisoning, Denial of Service attacks or route tracing.

All users are advised to upgrade. Detailed information about the new version, including a full list of new features and screenshots, can be found in the release notes. Further information is available in the change log and the documentation. Nmap 6.0 is available to download as source code or executable packages for Windows, Mac OS X, Linux and several UNIX platforms and is licensed under a clarified GPLv2.

(crve)