If you’re still running nmap 6.0, now’s the time to upgrade!
Open source security scanner nmap has received a big upgrade in version 7, which debuted November 19, 2015.
Touted as the product of three and a half years of work, nmap 7 includes nearly 3,200 code commits and enhancements that are part of over a dozen point releases since the big nmap 6 release in May 2012.
Nmap 7 – Highlights
Since nmap 6, developers of the free security scanner have added 171 new scripts and 20 libraries including firewall-bypass, supermicro-ipmi-conf, oracle-brute-stealth, and ssl-heartbleed.
The Nmap Scripting Engine (NSE) is now reportedly powerful enough that scripts can take on core functions such as host discovery (dns-ip6-arpa-scan), version scanning (ike-version, snmp-info, etc.) and RPC grinding (rpc-grind).
There’s even a proposal to implement port scanning in NSE.
Nmap 7 provides full IPv6 support for CIDR-style address ranges, Idle Scan, parallel reverse-DNS, and more NSE script coverage.
Faster scans are another highlight of nmap 7.
Version scan is supposedly quicker in nmap 7 because of 56 more softmatch lines that prevent nmap from sending irrelevant probes to certain services.
The ssl-enum-ciphers script has been entirely revamped in release 7 to perform fast analysis of TLS deployment problems, and version scanning probes have been tweaked to quickly detect the newest TLS handshake versions.
A favorite of systems and network administrators, nmap is used for network inventory, managing service upgrade schedules, monitoring host or service uptime and other tasks.
The cross-platform nmap uses raw IP packets to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics.
Designed for rapid scanning of large networks, nmap works well for single hosts too.