
Nmap for Windows


Description

Download Nmap for Windows for free


4th March 2013 owmen

Nmap for Windows. Nmap, short for "Network Mapper", is a free, fully open-source network utility that is useful for network auditing and network inventory. It shows which services are running on a networked system, which operating system it runs, what type of firewalls are in place and much more, with details about each computer on the network, whether it is a Windows or a Unix-like system.

Nmap is a very flexible application, well suited to network administrators on both Windows (via cmd.exe or the GUI) and Linux (via the shell or the GUI). Nmap for Windows can be run against a large number of networks and performs port scanning, OS detection, version detection and ping sweeps, among other things.

Network Mapper has also been tested on very large networks of more than 100,000 machines; it is scalable and provides more detailed information about networked systems than comparable commercial applications.

The overall goal and end result for administrators using Nmap is a more secure network, fewer break-ins and fewer infected systems. Nmap also has a very large community, and tutorials and support are provided through mailing lists and Internet forums. Nmap remains one of the most popular programs on several open source distribution sites and is included in several Linux distributions, such as Red Hat Enterprise Linux, Gentoo and Debian.

You can download Nmap for Windows for free from our site!

Other articles, program reviews, news

    Download Nmap for free in Russian for Windows 7

    Nmap is a powerful set of tools for scanning networks for vulnerabilities. The program can scan any ports and audit the security of networks of any size and complexity. It suits both beginners and professionals, offering a convenient, intuitive graphical interface and a command-line mode that gives full control over its actions and complete functionality.

    Nmap has enormous potential and is deservedly considered one of the best programs of its kind. The utility is completely free.

    The utility supports many different scan types, such as TCP, UDP, SYN, ICMP, FIN, FTP proxy, Reverse-ident, ACK and Xmas tree.

    Main features and advantages of the application:

    • scanning networks for vulnerabilities.
    • scans can be configured by IP range.
    • an intuitive graphical interface and a fully functional command line.
    • any port can be scanned.
    • a variety of scan types.
    • completely free.

    Download Nmap for Windows 8

    - Flexible: Supports dozens of advanced techniques for mapping out networks filled with IP filters, firewalls, routers, and other obstacles. This includes many port scanning mechanisms (both TCP & UDP), OS detection, version detection, ping sweeps, and more. See the documentation page.

    - Powerful: Nmap has been used to scan huge networks of literally hundreds of thousands of machines.

    - Portable: Most operating systems are supported, including Linux, Microsoft Windows, FreeBSD, OpenBSD, Solaris, IRIX, Mac OS X, HP-UX, NetBSD, Sun OS, Amiga, and more.

    - Easy: While Nmap offers a rich set of advanced features for power users, you can start out as simply as "nmap -v -A targethost". Both traditional command line and graphical (GUI) versions are available to suit your preference. Binaries are available for those who do not wish to compile Nmap from source.

    - Free: The primary goals of the Nmap Project are to help make the Internet a little more secure and to provide administrators/auditors/hackers with an advanced tool for exploring their networks. Nmap is available for free download, and also comes with full source code that you may modify and redistribute under the terms of the license.

    - Well Documented: Significant effort has been put into comprehensive and up-to-date man pages, whitepapers, and tutorials. Find them in multiple languages here.

    - Supported: While Nmap comes with no warranty, it is well supported by a vibrant community of developers and users. Most of this interaction occurs on the Nmap mailing lists. Most bug reports and questions should be sent to the nmap-dev list, but only after you read the guidelines. We recommend that all users subscribe to the low-traffic nmap-hackers announcement list.

    - Acclaimed: Nmap has won numerous awards, including "Information Security Product of the Year" by Linux Journal, Info World and Codetalker Digest. It has been featured in hundreds of magazine articles, several movies, dozens of books, and one comic book series. Visit the press page for further details.

    - Popular: Thousands of people download Nmap every day, and it is included with many operating systems (Redhat Linux, Debian Linux, Gentoo, FreeBSD, OpenBSD, etc). It is among the top ten (out of 30,000) programs at the Freshmeat.Net repository. This is important because it lends Nmap its vibrant development and user support communities.

    Download Nmap for free in Russian

    Nmap is a free port scanner.

    The program can be configured to scan IP networks in different modes, with any number of targets; it determines the state of targets, ports and the services that correspond to them, and supports a large set of additional capabilities.

    With Nmap you can perform "stealth" and parallel scanning, identify inactive hosts and the operating system of a remote host, calculate latency and packet retransmission, and scan using IP fragmentation.

    The scanning methods available in Nmap are UDP, TCP (connect), TCP SYN (half-open), FTP proxy (bounce through FTP), Reverse-ident, ACK, ICMP (ping), FIN, Xmas tree, SYN and NULL scanning. The program works both in a graphical interface and in command-line mode. Many users consider Nmap a good tool for surveying and auditing network security.

    License type: Free

    Size: 25.16 MB

    Interface language: Russian

    Download Nmap for free

    Interface language: English

    Platform: XP / 7 / Vista

    Vendor: Insecure

    Website: nmap.org/

    Nmap is software whose name is an abbreviation of Network Mapper, which is best translated as "a cartographer of the network". It is one of the most distinctive and interesting tools for checking a local network and its security. The utility is cross-platform, freely distributed and intended for use on any type of operating system, including Linux, Windows, FreeBSD, OpenBSD, Solaris and Mac OS X.

    Main features of Nmap

    As for its main features, the program has fairly powerful means of scanning a network using various types of local connections. These include UDP, TCP/IP, SYN, NULL, FTP proxy, Reverse-ident, ICMP, FIN and ACK. The scan performed under any operating system depends only on the options given on the command line. For some open ports and the services responsible for them, options do not need to be entered at all in some cases, because the application has a default list of the most commonly used ones. When scanning, the program can recognize four port states: open, closed, filtered and unfiltered. These deserve a closer look. An open port means that the remote machine is ready to accept and send packets during the scan. A closed port is closed only conditionally: at the moment it is not bound to any running application and may be opened at any time. A filter on a port indicates only that some third-party application is able to block access to it. In most cases this is simply the operating system's own firewall. An unfiltered port, as a rule, responds to the program's probes, but the application cannot determine whether the port is open or closed.

    If you press certain keys or key combinations during a scan (these are set differently for each operating system), you can see the progress of the scan and the percentage completed and remaining. In addition, the program can determine by its own means, if not the exact kernel version, then at least an approximate build date. Scanning is also not limited to a single port: several ports can be scanned at once for a complete check. The program's speed rests on the fact that this kind of check is nothing more than a ping test. If you have a complete list of the IP addresses of the machines connected to the local network, the check takes even less time. The one thing to keep in mind is that some hosts may not respond to such a ping request because a firewall is enabled.

    In conclusion, this program appears to be aimed more at system administrators than at ordinary users. That is understandable, since local networks are not common at home. For small and medium-sized offices, however, such an administration tool fits very well. Finally, the developers themselves warn that scanning ports on remote machines may in some cases even be illegal. So act wisely.
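The port states described above are what an administrator has to sort through after a scan of their own network. The following added example (not code from the page or from the Nmap project) reads Nmap's XML output (`-oX`) and groups ports by state; the sample XML is constructed, the function names are hypothetical, and it also accepts the combined states such as `open|filtered` that Nmap writes when it cannot tell two states apart.

```python
import xml.etree.ElementTree as ET
from collections import defaultdict

# Constructed sample in the layout written by `nmap -oX`; the hosts use the
# 192.0.2.0/24 documentation range and are not real scan results.
SAMPLE_XML = """<?xml version="1.0"?>
<nmaprun scanner="nmap" args="nmap -oX - 192.0.2.10-12">
  <host>
    <status state="up"/>
    <address addr="192.0.2.10" addrtype="ipv4"/>
    <ports>
      <port protocol="tcp" portid="22"><state state="open"/><service name="ssh"/></port>
      <port protocol="tcp" portid="80"><state state="closed"/><service name="http"/></port>
      <port protocol="tcp" portid="445"><state state="filtered"/><service name="microsoft-ds"/></port>
    </ports>
  </host>
  <host>
    <status state="up"/>
    <address addr="192.0.2.11" addrtype="ipv4"/>
    <ports>
      <port protocol="tcp" portid="3389"><state state="unfiltered"/><service name="ms-wbt-server"/></port>
      <port protocol="udp" portid="161"><state state="open|filtered"/><service name="snmp"/></port>
    </ports>
  </host>
  <host>
    <status state="down"/>
    <address addr="192.0.2.12" addrtype="ipv4"/>
  </host>
</nmaprun>
"""


def ports_by_state(xml_text):
    """Return {state: [(address, protocol, port, service), ...]} for hosts that are up."""
    root = ET.fromstring(xml_text)
    grouped = defaultdict(list)
    for host in root.iter("host"):
        status = host.find("status")
        if status is None or status.get("state") != "up":
            continue  # hosts that did not answer carry no port data
        addr_el = host.find("address")
        addr = addr_el.get("addr") if addr_el is not None else "unknown"
        for port in host.iterfind("ports/port"):
            state_el = port.find("state")
            if state_el is None:
                continue
            service = port.find("service")
            name = service.get("name", "") if service is not None else ""
            grouped[state_el.get("state", "unknown")].append(
                (addr, port.get("protocol"), int(port.get("portid")), name)
            )
    return dict(grouped)


def triage(grouped):
    """Split results into ports that accept traffic and ports whose real
    status is still unknown (unfiltered, or a combined state)."""
    exposed = sorted(grouped.get("open", []))
    recheck = sorted(
        entry
        for state, entries in grouped.items()
        if state == "unfiltered" or "|" in state
        for entry in entries
    )
    return {"exposed": exposed, "recheck": recheck}


if __name__ == "__main__":
    grouped = ports_by_state(SAMPLE_XML)
    for state in sorted(grouped):
        print(f"{state}:")
        for addr, proto, port, name in grouped[state]:
            print(f"  {addr} {proto}/{port} {name}")
    print(triage(grouped))
```
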

    Download Nmap for Windows

    Description

    Nmap ("Network Mapper") is a free and open source (license) utility for network discovery and security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime.

    Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. It was designed to rapidly scan large networks, but works fine against single hosts.

    Nmap runs on all major computer operating systems, and official binary packages are available for Linux, Windows, and Mac OS X. In addition to the classic command-line Nmap executable, the Nmap suite includes an advanced GUI and results viewer (Zenmap), a flexible data transfer, redirection, and debugging tool (Ncat), a utility for comparing scan results (Ndiff), and a packet generation and response analysis tool (Nping).

    Download Nmap for Windows

    • File Size: 18.99 MB
    • Works on: Windows 2000 / Windows 7 / Windows 7 x64 / Windows 8 / Windows 8 x64 / Windows Vista / Windows Vista x64 / Windows XP / Windows XP x64
    • Official Website: http://nmap.org
    • Company: Insecure.org

    Tested: Free from spyware, adware and viruses

    Nmap 5.50 Change Log

    - [Zenmap] Added a new script selection interface, allowing you to choose scripts and arguments from a list which includes descriptions of every available script. Just click the "Scripting" tab in the profile editor.

    - [Nping] Added echo mode, a novel technique for discovering how your packets are changed (or dropped) in transit between the host they originated and a target machine. It can detect network address translation, packet filtering, routing anomalies, and more. You can try it out against our public Nping echo server using this command: nping --echo-client "public" echo.nmap.org

    - [NSE] Added an amazing 46 scripts, bringing the total to 177!

    - broadcast-dns-service-discovery: Attempts to discover hosts' services using the DNS Service Discovery protocol. It sends a multicast DNS-SD query and collects all the responses.

    - broadcast-dropbox-listener: Listens for the LAN sync information broadcasts that the Dropbox.com client broadcasts every 20 seconds, then prints all the discovered client IP addresses, port numbers, version numbers, display names, and more.

    - broadcast-ms-sql-discover: Discovers Microsoft SQL servers in the same broadcast domain.

    - broadcast-upnp-info: Attempts to extract system information from the UPnP service by sending a multicast query, then collecting, parsing, and displaying all responses.

    - broadcast-wsdd-discover: Uses a multicast query to discover devices supporting the Web Services Dynamic Discovery (WS-Discovery) protocol. It also attempts to locate any published Windows Communication Framework (WCF) web services (.NET 4.0 or later).

    - db2-discover: Attempts to discover DB2 servers on the network by querying open ibm-db2 UDP ports (normally port 523).

    - dns-update.nse: Attempts to perform an unauthenticated dynamic DNS update.

    - domcon-brute: Performs brute force password auditing against the Lotus Domino Console.

    - domcon-cmd: Runs a console command on the Lotus Domino Console with the given authentication credentials (see also: domcon-brute).

    - domino-enum-users: Attempts to discover valid IBM Lotus Domino users and download their ID files by exploiting the CVE-2006-5835 vulnerability.

    - firewalk: Tries to discover firewall rules using an IP TTL expiration technique known as firewalking.

    - ftp-proftpd-backdoor: Tests for the presence of the ProFTPD 1.3.3c backdoor reported as OSVDB-ID 69562. This script attempts to exploit the backdoor using the innocuous id command by default, but that can be changed with a script argument.

    - giop-info: Queries a CORBA naming server for a list of objects.

    - gopher-ls: Lists files and directories at the root of a gopher service. Remember those?

    - hddtemp-info: Reads hard disk information (such as brand, model, and sometimes temperature) from a listening hddtemp service.

    - hostmap: Tries to find hostnames that resolve to the target's IP address by querying the online database at http://www.bfk.de/bfk_dnslogger.html.

    - http-brute: Performs brute force password auditing against http basic authentication.

    - http-domino-enum-passwords: Attempts to enumerate the hashed Domino Internet Passwords that are (by default) accessible by all authenticated users. This script can also download any Domino ID Files attached to the Person document.

    - http-form-brute: Performs brute force password auditing against http form-based authentication.

    - http-vhosts: Searches for web virtual hostnames by making a large number of HEAD requests against http servers using common hostnames.

    - informix-brute: Performs brute force password auditing against IBM Informix Dynamic Server.

    - informix-query: Runs a query against IBM Informix Dynamic Server using the given authentication credentials (see also: informix-brute).

    - informix-tables: Retrieves a list of tables and column definitions for each database on an Informix server.

    - iscsi-brute: Performs brute force password auditing against iSCSI targets.

    - iscsi-info: Collects and displays information from remote iSCSI targets.

    - modbus-discover: Enumerates SCADA Modbus slave ids (sids) and collects their device information.

    - nat-pmp-info: Queries a NAT-PMP service for its external address.

    - netbus-auth-bypass: Checks if a NetBus server is vulnerable to an authentication bypass vulnerability which allows full access without knowing the password.

    - netbus-brute: Performs brute force password auditing against the Netbus backdoor ("remote administration") service.

    - netbus-info: Opens a connection to a NetBus server and extracts information about the host and the NetBus service itself.

    - netbus-version: Extends version detection to detect NetBuster, a honeypot service that mimes NetBus.

    - nrpe-enum: Queries Nagios Remote Plugin Executor (NRPE) daemons to obtain information such as load averages, process counts, logged in user information, etc.

    - oracle-brute: Performs brute force password auditing against Oracle servers.

    - oracle-enum-users: Attempts to enumerate valid Oracle user names against unpatched Oracle 11g servers (this bug was fixed in Oracle's October 2009 Critical Patch Update).

    - path-mtu: Performs simple Path MTU Discovery to target hosts.

    - resolveall: Resolves hostnames and adds every address (IPv4 or IPv6, depending on Nmap mode) to Nmap's target list. This differs from Nmap's normal host resolution process, which only scans the first address (A or AAAA record) returned for each host name.

    - rmi-dumpregistry: Connects to a remote RMI registry and attempts to dump all of its objects.

    - smb-flood: Exhausts a remote SMB server's connection limit by opening as many connections as we can. Most implementations of SMB have a hard global limit of 11 connections for user accounts and 10 connections for anonymous. Once that limit is reached, further connections are denied. This script exploits that limit by taking up all the connections and holding them.

    - ssh2-enum-algos: Reports the number of algorithms (for encryption, compression, etc.) that the target SSH2 server offers. If verbosity is set, the offered algorithms are each listed by type.

    - stuxnet-detect: Detects whether a host is infected with the Stuxnet worm (http://en.wikipedia.org/wiki/Stuxnet).

    - svn-brute: Performs brute force password auditing against Subversion source code control servers.

    - targets-traceroute: Inserts traceroute hops into the Nmap scanning queue. It only functions if Nmap's --traceroute option is used and the newtargets script argument is given.

    - vnc-brute: Performs brute force password auditing against VNC servers.

    - vnc-info: Queries a VNC server for its protocol version and supported security types.

    - wdb-version: Detects vulnerabilities and gathers information (such as version numbers and hardware support) from VxWorks Wind DeBug agents.

    - wsdd-discover: Retrieves and displays information from devices supporting the Web Services Dynamic Discovery (WS-Discovery) protocol. It also attempts to locate any published Windows Communication Framework (WCF) web services (.NET 4.0 or later).

    - [NSE] Added 12 new protocol libraries:

    * dhcp.lua by Ron

    * dnssd.lua (DNS Service Discovery)

    * giop.lua (CORBA naming service)

    * informix.lua (Informix database)

    * iscsi.lua (iSCSI - IP based SCSI data transfer)

    * nrpc.lua (Lotus Domino RPC)

    * rmi.lua (Java Remote Method Invocation)

    * tns.lua (Oracle)

    * upnp.lua (UPnP support)

    * vnc.lua (Virtual Network Computing)

    * wsdd.lua (Web Service Dynamic Discovery)

    - [NSE] Added a new brute library that provides a basic framework and logic for brute force password auditing scripts.

    - [Zenmap] Greatly improved performance for large scans by benchmarking intensively and then recoding dozens of slow parts. Time taken to load our benchmark file (a scan of just over a million IPs belonging to Microsoft corporation, with 74,293 hosts up) was reduced from hours to less than two minutes. Memory consumption decreased dramatically as well.

    - Performed a major OS detection integration run. The database has grown more than 14% to 2,982 fingerprints and many of the existing fingerprints were improved. Highlights include Linux 2.6.37, iPhone OS 4.2.1, Solaris 11, AmigaOS 3.1, GNU Hurd 0.3, and MINIX 2.0.4.

    - Performed a huge version detection integration run. The number of signatures has grown by more than 11% to 7,355. More than a third of our signatures are for http, but we also detect 743 other service protocols, from abc, acap, access-remote-pc, and achat to zenworks, zeo, and zmodem.

    - [NSE] Added the target NSE library which allows scripts to add newly discovered targets to Nmap's scanning queue. This allows Nmap to support a wide range of target acquisition techniques. Scripts which can now use this feature include dns-zone-transfer, hostmap, ms-sql-info, snmp-interfaces, targets-traceroute, and several more.

    - [NSE] Nmap has two new NSE script scanning phases. The new pre-scan occurs before Nmap starts scanning. Some of the initial pre-scan scripts use techniques like broadcast DNS service discovery or DNS zone transfers to enumerate hosts which can optionally be treated as targets. The other phase (post scan) runs after all of Nmap's scanning is complete. We don't have any of these scripts yet, but they could compile scan statistics or present the results in a different way. One idea is a reverse index which provides a list of services discovered during a network scan, along with a list of IPs found to be running each service.

    - [NSE] A new --script-help option describes all scripts matching a given specification. It accepts the same specification format as --script does. For example, try 'nmap --script-help "default or http-*"'.

    - Dramatically improved nmap.xsl (used for converting Nmap XML output to HTML). In particular:

    * Put verbose details behind expander buttons so you can see them if you want, but they don't distract from the main output. In particular, offline hosts and traceroute results are collapsed by default.

    * Improved the color scheme to be less garish.

    * Added support for the new NSE pre-scan and post-scan phases.

    * Changed script output to use 'pre' tags to keep even lengthy output readable.

    * Added a floating menu to the lower-right for toggling whether closed/filtered ports are shown or not (they are now hidden by default if Javascript is enabled).

    Many smaller improvements were made as well. You can find the new file at http://nmap.org/svn/docs/nmap.xsl, and here is an example scan processed through it:

    - [NSE] Created a new "broadcast" script category for the broadcast-* scripts. These perform network discovery by broadcasting on the local network and listening for responses. Since they don't directly relate to targets specified on the command line, these are kept out of the default category (nor do they go in "discovery").

    - Integrated cracked passwords from the Gawker.com compromise (http://seclists.org/nmap-dev/2010/q4/674) into Nmap's top-5000 password database. A team of Nmap developers led by Brandon Enright has cracked 635,546 out of 748,081 password hashes so far (85%). Gawker doesn't exactly have the most sophisticated users on the Internet--their top passwords are "123456", "password", "12345678", "lifehack", "qwerty", "abc123", "12345", "monkey", "111111", "consumer", and "letmein".

    - XML output now excludes output for down hosts when only doing host discovery, unless verbosity (-v) was requested. This is how it already worked for normal scans, but the ping-only case was overlooked.

    - Updated the Windows build process to work with (and require) Visual C++ 2010 rather than 2008. If you want to build Zenmap too, you now need Python 2.7 (rather than 2.6) and GTK+ 2.22. See http://nmap.org/book/inst-windows.html#inst-win-source

    - Merged port names in the nmap-services file with allocated names from the IANA (http://www.iana.org/assignments/port-numbers). We only added IANA names which were "unknown" in our file--we didn't deal with conflicting names.

    - Enabled the ASLR and DEP security technologies for Nmap.exe, Ncat.exe and Nping.exe on Windows Vista and above. Visual C++ will set the /DYNAMICBASE and /NXCOMPAT flags in the PE header. Executables generated using py2exe or NSIS and third-party binaries (OpenSSL, WinPcap) still don't support ASLR or DEP. Support for DEP on XP SP3, using SetProcessDEPPolicy(), could still be implemented.

    - Investigated using the CPE (Common Platform Enumeration) standard for describing operating systems, devices, and service names for Nmap OS and service detection.

    - [Zenmap] Improved the output viewer to show new output in constant time. Previously it would get slower and slower as the output grew longer, eventually making Zenmap appear to freeze with 100% CPU. Rob Nicholls and Ray Middleton helped with testing.

    - The Linux RPM builds of Nmap and related tools (ncat, nping, etc.) now link to system libraries dynamically rather than statically. They still link statically to dependency libraries such as OpenSSL, Lua, LibPCRE, Libpcap, etc. We hope this will improve portability so the RPMs will work on distributions with older software (like RHEL, Debian stable) as well as more bleeding edge ones like Fedora.

    - [NSE] Added the ability to send and receive on unconnected sockets. This can be used, for example, to receive UDP broadcasts without having to use Libpcap. A number of scripts have been changed so that they can work as prerule scripts to discover services by UDP broadcasting, and optionally add the discovered targets to the scanning queue:

    > ms-sql-info

    > upnp-info

    > dns-service-discovery

    - The nmap.new_socket function can now optionally take a default protocol and address family, which will be used if the socket is not connected. There is a new nmap.sendto function to be used with unconnected UDP sockets.

    - [Nping] Substantially improved the Nping man page.

    - Documented the licenses of the third-party software used by Nmap and its sibling tools:

    - [NSE] Improved the SMB scripts so that they can run in parallel rather than using a mutex to force serialization. This quadrupled the SMB scan speed in one large scale test.

    - Added a simple Nmap NSE script template to make writing new scripts

    - [Zenmap] Made the topology node radiuses grow logarithmically instead of linearly, so that hosts with thousands of open ports don't overwhelm the diagram. Also only open ports (not open|filtered) are considered when calculating node sizes. Henri Doreau found and fixed a bug in the implementation.

    - [NSE] Added the get_script_args NSE function for parsing script arguments in a clean and standardized way

    - Increased the initial RTT timeout for ARP scans from 100 ms to 200 ms. Some wireless and VPN links were taking around 300 ms to respond. The default of one retransmission gives them 400 ms to be detected.

    - Added new version detection probes and signatures from Patrik for:

    * Lotus Domino Console running on tcp/2050 (shows OS and hostname)

    * IBM Informix Dynamic Server running native protocol (shows hostname, and file path)

    * Database servers running the DRDA protocol

    * IBM Websphere MQ (shows name of queue-manager and channel)

    - Fix Nmap compilation on OpenSolaris

    - [NSE] The http library's request functions now accept an additional "auth" table within the option table, which causes Basic authentication credentials to be sent.

    - Improved IPv6 host output in that we now remember and report the forward DNS name (given by the user) and any non-scanned addresses (usually because of round robin DNS). We already did this for IPv4.

    - [Zenmap] Upgraded to the newer gtk.Tooltip API to avoid deprecation messages about gtk.Tooltip.

    - [NSE] Made dns-zone-transfer script able to add new discovered DNS records to the Nmap scanning queue.

    - [NSE] Enhance ssl-cert to also report the type and bit size of SSL certificate public keys

    - [Ncat] Make --exec and --idle-timeout work when connecting with --proxy.

    - [Nping] Fixed a bug which caused Nping to fail when targeting broadcast addresses

    - [Nping] Nping now limits concurrent open file descriptors properly based on the resources available on the host

    - [NSE] Improved ssh2's kex_init() parameters: all of the algorithm and language lists can be set using new keys in the "options" table argument. These all default to the same value used before. Also, the required "cookie" argument is now replaced by an optional "cookie" key in the "options" table, defaulting to random bytes as suggested by the RFC.

    - Ncat now logs Nsock debug output to stderr instead of stdout for consistency with its other debug messages.

    - [NSE] Added a new function, shortport.http, for HTTP script portrules and changed 14 scripts to use it.

    - Updated to the latest config.guess and config.sub. Thanks to Ty Miller for a reminder.

    - [NSE] Added prerule support to snmp-interfaces and the ability to add the remote host's interface addresses to the scanning queue. The new script arguments used for this functionality are "host" (required) and "port" (optional).

    - Fixed some inconsistencies in nmap-os-db and a small memory leak that would happen where there was more than one round of OS detection. These were reported by Xavier Sudre from netVigilance.

    - [NSE] Fixed a bug with worker threads calling the wrong destructors. Fixing this allows better parallelism in http-brute.nse. The problem was reported by Patrik Karlsson.

    - Upgraded the OpenSSL binaries shipped in our Windows installer to version 1.0.0a.

    - [NSE] Added prerule support to the dns-zone-transfer script, allowing it to run early to discover IPs from DNS records and optionally add those IPs to Nmap's target queue. You must specify the DNS server and domain name to use with script arguments.

    - Changed the name of libdnet's sctp_chunkhdr to avoid a conflict with a struct of the same name in. This caused a compilation error when Nmap was compiled with an OpenSSL that had SCTP support.

    - [NSE] Implemented a big cleanup of the Nmap NSE Nsock library binding code.

    - Added a bunch of Apple and Netatalk AFP service detection signatures. These often provide extra details such as whether the target is a MacBook Pro, Air, Mac Mini, iMac, etc.

    - [NSE] Host tables now have a host.traceroute member available when --traceroute is used. This array contains the IP address, reverse DNS name, and RTT for each traceroute hop.

    - [NSE] Made the ftp-anon script return a directory listing when anonymous login is allowed.

    - [NSE] Added the nmap.resolve() function. It takes a host name and optionally an address family (such as "inet") and returns a table containing all of its matching addresses. If no address family is specified, all addresses for the name are returned.

    - [NSE] Added the nmap.address_family() function which returns the address family Nmap is using as a string (e.g. "inet6" is returned if Nmap is called with the -6 option).

    - [NSE] Scripts can now access the MTU of the host.interface device using host.interface_mtu.

    - Restrict the default Windows DLL search path by removing the current directory. This adds extra protection against DLL hijacking attacks, especially if we were to add file type associations to Nmap in the future. We implement this with the SetDllDirectory function when available (Windows XP SP1 and later). Otherwise, we call SetCurrentDirectory with the directory containing the executable.

    - Nmap now prints the MTU for interfaces in --iflist output.

    - [NSE] Removed references to the MD2 algorithm, which OpenSSL 1.x.x no longer supports.

    - [Ncat,NSE] Server Name Indication (SNI) is now supported by Ncat and Nmap NSE, allowing them to connect to servers which run multiple SSL websites on one IP address. To enable this for NSE, the nmap.connect function has been changed to accept host and port tables (like those provided to the action function) in place of a string and a number.

    - [NSE] Renamed db2-info and db2-brute scripts to drda-*. Added support for other DRDA-based databases such as IBM Informix Dynamic Server and Apache Derby.

    - [Nsock] Added a new function, nsi_set_hostname, to set the intended hostname of the target. This allows the use of Server Name Indication in SSL connections.

    - [NSE] Limits the number of ports that qscan will scan (now up to 8 open ports and up to 1 closed port by default). These limits can be controlled with the qscan.numopen and qscan.numclosed script arguments.

    - [NSE] Made sslv2.nse give special output when SSLv2 is supported, but no SSLv2 ciphers are offered. This happened with a specific Sendmail configuration.

    - [NSE] Added a "times" table to the host table passed to scripts. This table contains Nmap's timing data (srtt, the smoothed round trip time; rttvar, the rtt variance; and timeout), all represented as floating-point seconds. The ipidseq and qscan scripts were updated to utilize the host's timeout value rather than using a conservative guess of 3 seconds for read timeouts.

    - Fixed the fragmentation options (-f in Nmap, --mtu in Nmap & Nping), which were improperly sending whole packets in version 5.35DC1.

    - [NSE] When receiving raw packets from Pcap, the packet capture time is now available to scripts as an additional return value from pcap_receive(). It is returned as the floating point number of seconds since the epoch. Also added the nmap.clock() function which returns the current time (and convenience functions clock_ms() and clock_us()). Qscan.nse was updated to use this more accurate timing data.

    - [Ncat,Nsock] Fixed some minor bugs discovered using the Smatch source code analyzer (http://smatch.sourceforge.net/).

    - [Zenmap] Fixed a crash that would happen after opening the search window, entering a relative date criterion such as "after:-7", and then clicking the "Expressions" button. The error message was AttributeError: 'tuple' object has no attribute 'strftime'

    - Added a new packet payload--a NAT-PMP external address request for port 5351/udp. Payloads help us elicit responses from listening UDP services to better distinguish them from filtered ports. This payload goes well with our new nat-pmp-info script.

    - Updated IANA IP address space assignment list for random IP (-iR) generation.

    - [Ncat] Ncat now uses case-insensitive string comparison when checking authentication schemes and parameters. Florian Roth found a server offering "BASIC" instead of "Basic", and the HTTP RFC requires case-insensitive comparisons in most places.

    - [NSE] There is now a limit of 1,000 concurrent running scripts, instituted to keep memory under control when there are many open ports. Nathan reported 3 GB of memory use (with an out-of-memory NSE crash) for one host with tens of thousands of open ports. This limit can be controlled with the variable CONCURRENCY_LIMIT in nse_main.lua.

    - The command line in XML output (/nmaprun/@args attribute) now does quoting of whitespace using double quotes and backslashes. This allows recovering the original command line array even when arguments contain whitespace.

    - Added a service detection probe for master servers of Quake 3 and related games.

    - [Zenmap] Updated French translation.

    - [Zenmap] Fixed a crash when printing a scan that had no output (like a scan made by command-line Nmap). Henri Doreau noticed the error.
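The changelog entry above on quoting in the XML /nmaprun/@args attribute, illustrated with an added example that is not Nmap's own code: it recovers the original argument list from a scan record, which is what an auditor needs when reviewing which scans were run. The exact quoting rule, the function names and the sample XML are assumptions constructed for this illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample, not real scan output. Assumed quoting rule (from the
# changelog wording): an argument containing whitespace, '"' or '\' is wrapped
# in double quotes, and '"' and '\' inside the quotes get a leading backslash.
SAMPLE_XML = r'''<nmaprun scanner="nmap" args="nmap -sV -oX &quot;C:\\Scan Results\\lab net.xml&quot; --script-args &quot;http.useragent=Audit \&quot;A\&quot;&quot; 192.0.2.10"/>'''

def quote_arg(arg):
    """Quote one argument under the assumed rule (used for round-trip checks)."""
    if arg and not any(c in ' \t\n"\\' for c in arg):
        return arg
    return '"' + arg.replace('\\', '\\\\').replace('"', '\\"') + '"'

def split_args(args):
    """Recover the original argv list from a quoted /nmaprun/@args string."""
    argv, cur, in_quotes, started, i = [], [], False, False, 0
    while i < len(args):
        c = args[i]
        if in_quotes:
            if c == '\\' and i + 1 < len(args):
                i += 1                      # escaped char: take it literally
                cur.append(args[i])
            elif c == '"':
                in_quotes = False
            else:
                cur.append(c)
        elif c == '"':
            in_quotes = started = True      # '""' is a valid empty argument
        elif c.isspace():
            if started:                     # unquoted whitespace ends an argument
                argv.append(''.join(cur))
                cur, started = [], False
        else:
            cur.append(c)                   # outside quotes a backslash is literal
            started = True
        i += 1
    if in_quotes:
        raise ValueError("unterminated quote in args attribute")
    if started:
        argv.append(''.join(cur))
    return argv

def scan_argv(xml_text):
    """Return the argv of the scan recorded in an Nmap XML document."""
    root = ET.fromstring(xml_text)
    if root.tag != "nmaprun":
        raise ValueError("not an Nmap XML document")
    return split_args(root.get("args", ""))
```

Splitting the same attribute on whitespace alone would break the output path and the script argument into several pieces, which is the ambiguity the quoting removes.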

    Nmap for Windows 7 How To by Security Audit Systems

    Nmap for Windows 7

    This is a guide on how to install the popular network scanner Nmap for Windows 7.

    About Nmap for Windows

    Nmap is a fully featured network scanner that is one of the most popular free tools in the IT security sector. Although Nmap’s roots are in the Unix environment, in the last few years Nmap for Windows has been developed to allow its expansion into the Windows marketplace.

    Nmap for Windows is powered by a cross-platform GUI known as Zenmap. When installing Nmap, Zenmap gets automatically installed along with WinPcap (packet capture) software.

    As this guide is about using Nmap for Windows, and most Windows users are more comfortable using a GUI, the steps below outline how to install Nmap and launch the Zenmap GUI.

    Installing Nmap for Windows

    1) The installer is available on the Nmap for Windows download page. This is a self-extracting binary file, and there are two options available, STABLE or DEVELOPMENT. I would recommend the STABLE release.

    2) Run the installation file and accept the terms and conditions. Leave all the default selections on the next screen to ensure Nmap for Windows gets installed with the necessary files.

    Note: If you receive error messages regarding Microsoft Visual C++ Redistributable Package (x86) being installed, you can press OK and ignore these, as it most likely means you already have a version installed. If not, you can grab the x86 and x64 editions (for 64-bit versions of Windows) by doing a quick Google search for Microsoft Visual C++ Redistributable Package.

    3) You will now have successfully installed Nmap for Windows. You can access Nmap for Windows through Start > Program Files > Nmap > Nmap – Zenmap GUI.

    4) If you wish to use the command-line version of Nmap in Windows, you can now do so via the Windows command line. Simply go to Start > Run > cmd, or put cmd in the search box, and bring up the command prompt. From there you can run Nmap on the command line in Windows.