The latest version of Nmap, 7.94, has been released on the occasion of its 26th birthday. The most significant improvement in this version is the migration of Zenmap and Ndiff from Python 2 to Python 3 across all platforms. Nmap, a free and open-source network scanner, Port Scanner, and network Exploration Tool, now supports all major platforms such as Linux, Windows, UNIX, FreeBSD, OpenBSD, Solaris, IRIX, Mac OS X, HP-UX, NetBSD, Sun OS, Amiga, and more.
Nmap is known for its extensive scanning capabilities and has multiple scanning techniques to offer. It supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning.
One of the major improvements in Nmap 7.94 is the upgrade of Npcap from version 1.71 to 1.75. Npcap, based on the discontinued WinPcap library, offers improved speed, portability, security, and efficiency. It is compatible with Windows 7 and later versions. This update not only benefits Windows users but also enhances the performance of Nmap across different platforms with the help of new libraries.
Furthermore, Nmap 7.94 introduces several other enhancements and bug fixes. It now prints vendor names based on MAC address, which can be useful for network administrators. The release also integrates the most-submitted IPv4 OS fingerprints, improving the accuracy of OS detection. The performance improvements in this version were achieved through profile-guided optimizations.
New scripts and libraries have been added, including the tftp-version script. This script facilitates the identification of TFTP (Trivial File Transfer Protocol) versions on target systems. Additionally, Ncat, a networking utility included with Nmap, now accepts “connections” from multiple UDP hosts.
Several libraries used by Nmap have also been updated in this release. These include OpenSSL, zlib, Lua, and libpcap. The UDP port scan (-sU) and version scan (-sV) now utilize the same data source, providing consistent results. The service scan (-sV) can now probe UDP services, enhancing the detection capabilities of Nmap.
Ncat, which is often used for network connections and transfers, has also received some improvements. In Nmap 7.94, Ncat’s listen mode now supports UDP and SSL simultaneously. Internationalized Domain Names (IDN) are now handled properly by Nmap, allowing for more accurate scanning and identification of hosts.
Another noteworthy enhancement is the dramatic improvement in the speed of Ncat transfers. This improvement ensures faster and more efficient file transfers, enhancing the overall user experience.
For a detailed list of all the significant changes that have been made in Nmap 7.94, users can refer to the official changelog provided by the Nmap project. Additionally, a comprehensive Nmap tutorial is available for those who want to delve deeper into the capabilities and usage of this powerful network scanning tool.
To stay updated with the latest cybersecurity news, it is recommended to follow reputable sources such as Google News, Linkedin, Twitter, and Facebook, where news and updates are regularly shared. By keeping informed about the latest developments in the cybersecurity landscape, users can stay one step ahead of potential threats and protect their systems effectively.