Modern business and office environments entail connected computers, which are often ultimately connected to the Internet. However, the Internet is filled with worms, malwares and Trojans and some can even bypass firewalls. Nmap Security Scanner is a great utility that details all the network information on which it is run and is an effective penetration-testing tool.
Nmap is a command line utility and hence is to be run from the Windows command prompt. Its main task is to listen to the source and network and gain information via carefully constructed packets exchange and analysis of responses. While the original was on command line, modern Windows version includes a GUI and has a tabbed interface which is generic but very simple to use. The common features of Nmap include host identification and discovery on a network and host listing on a network. Port scanning is the next big thing, which enumerates all open ports. Version and OS detection comes next, which can detect network services running on remote machines, application names and version numbers and the host OS information along with characteristics of the network devices. The target can be interacted via scripts which are written in the Lua language using the Nmap Scripting Engine. Further information includes reverse DNS query, device types and MAC addresses.
Additionally, results can be reported in various formats and custom ones can be generated as well. Command line reporting supports Interactive mode where various options can be entered to gain more information. XML reports can also be generated from which HTML can be generated via XSLT tools. The output can also be saved to a text file. There is an interesting script kiddie mode where letters are replaced with visually similar looking numbers instead. The software is currently available on Windows XP, Vista, 7 and even for Windows 8 and comes with a fairly use to run installer which also installs a custom network driver for proper running of nmap.
While the original Nmap is a classic tool best utilized from command prompt, many have created sophisticated GUI for the software to make it easy. Zenmap is one such alternative which provides a rich UI and extensive reporting and helps beginners. Angry IP Scanner is yet another open-source alternative that aims to be a faster version of nmap and is fairly simple to use but cannot be scripted and reporting is not as sophisticated. Some other alternatives worth considering are WinMTR, Wireless Network Watcher, Softperfect Network Scanner, skipfish (open-source) and Advanced Network Scanner, all being free alternatives.
The classic UNIX and Linux tool has a well-functioning port on Windows platform with a functional GUI. The software provides adequate information and can be a starting point for further rigorous network security testing and auditing. The GUI makes it easy for the beginners and the command line options makes life easier for the pro users, though the only drawback would be a not-so-frequently-updated interface for Windows.
Nmap utility was originally written by Gordon Lyon who goes on as Fyodor on the Internet and is an ethical hacker. The software is maintained by open-source collaboration.
Write a review
You must be logged in to post a comment.