Nmap is a long-established network scanning tool that has been around for 18 years. It was designed by Gordon Lyon and can be used to quickly detect computer hosts and their services on the network. Nmap will send specific data packets to the target host/network, and then analyze the returned data results to find out whether the target host is alive, operating system type, network protocol details, network service characteristics, security flaws, etc.
Nmap 6 was released in May 2012. The latest version took 3 and a half years of development and included nearly 3,200 code submissions. The main updates are as follows:
1. Nmap Scripting Engine (NSE) adds many features
Nmap core has been stabilized and more and more new features are being added to the NSE subsystem. Compared with Nmap 6, 171 new scripts and 20 libraries have been added, such as firewall-bypass , supermicro-ipmi-conf , oracle-brute-stealth and ssl-heartbleed . NSE is now more powerful, and scripts can use it to use more powerful core functions, such as host discovery ( dns-ip6-arpa-scan ), version scanning ( ike-version , snmp-info , etc.) and RPC grinding ( rpc-grind) ).
2. Mature IPv6 support
One of the major improvements in Nmap 6 is the improvement of IPv6 scanning, and the support for this is even more complete in Nmap 7, including support for CIDR-style address ranges, spare scanning, concurrent reverse DNS resolution, and more NSE scripts Supports IPv6.
3. Infrastructure upgrade
Although it is an 18-year-old project, we do not rest on our laurels and stick to the broken infrastructure. The Nmap project continues to keep up with the latest technology and enhance the development process to serve an increasing number of users. For example, we converted the entire nmap.org website to SSL to prevent binary programs from being infected by Trojans and reduce the risk of snooping. We use the Git version control system in most of our workflows and have established an official Nmap subversion repository mirror on Github. We encourage everyone to submit code patches to Github. We have also created an official bug tracking system , also on Github. Tracking bugs and accepting feature requests reduces the number of defects.
4. Scan faster
For 18 years, Nmap has continuously refreshed the speed limit of network synchronous scanning, and this version is no exception. The new Nsock engine greatly improves performance on Windows and BSD systems, target reordering prevents hidden dead ends on multi-host systems, and NSE optimization brings faster -sV scanning.
5. SSL/TLS scanning solution selection
TLS and its predecessor SSL are the basis of website security, so when big vulnerabilities like Heartbleed, POODLE and FREAK appear, Nmap's response is the NSE vulnerability detection script. The entire rewritten ssl-enum-ciphers script can analyze TLS deployment issues faster, and the version detection function has also been optimized to detect the latest TLS handshake version faster.
6. Enhance Ncat
We are very excited and proud to announce that Ncat has become the default software package providing "netcat" and "nc" commands in the RedHat/Fedora series of distributions! This is the result of numerous bug fixes and enhanced compatibility with netcat options. Another exciting aspect is the addition of an embedded Lua interface that enables the creation of simple cross-platform daemons and traffic filters.
7. Unparalleled portability
Nmap does a great job of being cross-platform, and it can run on a variety of advanced and ancient systems. And our binaries are kept closely updated with the latest popular operating systems. Nmap runs completely on operating systems from Windows 10 to Windows Vista, and by popular demand we can even run it on Windows XP - although we recommend that they upgrade their systems. Mac OS X supports versions from 10.8 Mountain Lion to 10.11 El Capitan. In addition, we have updated support for Solaris and AIX. Of course, Linux users, let alone that.
The pirated resources of "Celebrating More Than Years 2" were uploaded to npm, causing npmmirror to have to suspend the unpkg service. Microsoft's China AI team collectively packed up and went to the United States, involving hundreds of people. The founder of the first front-end visualization library and Baidu's well-known open source project ECharts - "going to the sea" to support Fish scammers used TeamViewer to transfer 3.98 million! What should remote desktop vendors do? Zhou Hongyi: There is not much time left for Google. It is recommended that all products be open source. A former employee of a well-known open source company broke the news: After being challenged by his subordinates, the technical leader became furious and fired the pregnant female employee. Google showed how to run ChromeOS in an Android virtual machine. Please give me some advice. , what role does time.sleep(6) here play? Microsoft responds to rumors that China's AI team is "packing for the United States" People's Daily Online comments on office software's matryoshka-like charging: Only by actively solving "sets" can we have a future