Home > Security Tips > Network Security Tactics > How to install and configure Nmap for Windows
Security Tips:
EMAIL THIS
 TIPS & NEWSLETTERS TOPICS 

How to install and configure Nmap for Windows


Michael Cobb
Rating: -3.56- (out of 5)

This is the second in a series of tips on how to use Nmap in an enterprise network environment.

Nmap was originally a command-line application for Unix, but a Windows version has been available since 2000. This tip discusses how to install and configure Nmap for Windows.

Although you can download and install Nmap from a zip file, the latest version requires the free WinPcap packet capture library to be installed as well. I suggest you opt for using the Nmap Windows installer, which handles WinPcap installation for you. This installer, nmap-4.01-setup.exe, can be downloaded from the insecure.org Web site at http://www.insecure.org/nmap/download.html. The installer doesn't add a shortcut to the Programs menu for Nmap as you need to run nmap.exe from a DOS command prompt, and although WinPcap does appear in the Add/Remove applet, you will need to run the uninstall program in the Nmap folder if you choose to remove Nmap at any time. The total space required for the comp...


BROWSE BY TAG
Network Security Tactics,   Application and Platform Security,   Open Source Security Tools and Applications,   Network Intrusion Detection and Analysis,   Monitoring Network Traffic and Network Forensics,   Enterprise Network Security,   VIEW ALL TAGS

RELATED CONTENT
Network Security Tactics
What to do with network penetration test results
How to use TrueCrypt for disk encryption
Protecting enterprise networks from new mobile application downloads
Maintaining security after a cloud computing implementation
Preparing the network for a cloud computing implementation
PuTTY configuration tips: How to connect to remote network systems
A guide to internal and external network security auditing
How to keep networks secure when deploying an 802.11n upgrade
Screencast: Find rogue wireless access points with Vistumbler
How to provide access to Web content (while ensuring network security)

Open Source Security Tools and Applications
PuTTY configuration tips: How to connect to remote network systems
Screencast: Find rogue wireless access points with Vistumbler
Screencasts: On-screen demonstrations of security tools
H.D. Moore on future of Metasploit attack platform
H.D. Moore speaks about Metasploit Project deal, Release 3.3
Screencast: How to launch an OpenVAS scan
Could Metasploit popularity erode?
Metasploit Project acquired by vulnerability management firm Rapid7
SSH key compromise shuts down Apache website
Screencast: Smoothwall offers firewall defense in lean times

Monitoring Network Traffic and Network Forensics
PuTTY configuration tips: How to connect to remote network systems
A guide to internal and external network security auditing
Best practices for (small) botnets
Botnet masters turn to Google, social networks to avoid detection
Preventing SQL injection attacks: A network admin's perspective
Breach prevention: How to keep track of data and applications
Researchers find thousands of flawed embedded devices
Network traffic collection, analysis helps prevent data breaches
Lifecycle of a network security vulnerability
Port scan attack prevention best practices

RELATED GLOSSARY TERMS
Terms from Whatis.com − the technology online dictionary
Blowfish  (SearchSecurity.com)
Kermit  (SearchSecurity.com)
Open Source Hardening Project  (SearchSecurity.com)
SnortSnarf  (SearchSecurity.com)

RELATED RESOURCES
2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems
Search Bitpipe.com for the latest white papers and business webcasts
Whatis.com, the online computer dictionary


lete installation is only 2.6Mb.

The default install directory is C:\Program Files\Nmap\ but because the installer adds Nmap to the computer's PATH environment variable, you can execute Nmap from any directory. So to run and test Nmap, open a Command Prompt window and type the following, which will scan the host scanme.insecure.org:

nmap -A -T4 scanme.insecure.org The A and T4 options enable OS and version detection, and set the timing template to "aggressive." There are more than a hundred command-line options, some of which we'll be looking at in the next few tips. Note that the command options are case-sensitive.

Nmap for Windows is not as efficient as on Unix. The connect scan (-sT) in particular is often much slower because of shortcomings in the Windows networking API. You can improve connect scan performance by double clicking the nmap_performance.reg file located in the Nmap directory, which will make three registry changes in order to increase the number of ephemeral ports reserved for applications such as Nmap, and decrease the amount of time before a closed connection can be reused. If you run in to problems running Nmap on Windows you should check for error messages in the Windows event log and then see if the problem is covered in the Nmap-dev list archives at http://seclists.org/#nmap-dev. There is also plenty of supporting documentation for Nmap at http://www.insecure.org/nmap/docs.html, and it is worthwhile subscribing to the Nmap-hackers mailing list, too.

The main advantage of Nmap being a command-line application is that it is easier to run from a script, and precise scans can be executed without having to set lots of different options. However, this can be intimidating for new and infrequent users. And although there are graphical user interfaces (GUI) available for Unix, as yet there are no stable GUIs for Windows. Fortunately, this is expected to change this year. There is no official release date, but the creator of Nmap, Fyodor, hopes to have a Windows-compatible version of NmapFE, the most popular GUI for Unix, out sometime this year. There are other cross-platform GUIs that are in development too, such as UMIT (http://umit.sourceforge.net/).


Rate this Tip
To rate tips, you must be a member of SearchSecurity.com.
Register now to start rating these tips. Log in if you are already a member.




DISCLAIMER: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.



Research Solutions for Network Security, Access Control and Security Threats
TechTarget Security Media
Information Security View this month\\'s issue and subscribe today.
Information Security Decisions Apply online for free conference admission.
SearchSecurity.com
HomeNewsMagazineMultimediaWhite PapersLearningAdviceTopicsEventsAbout Us

About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Site Map




All Rights Reserved, Copyright 2003 - 2010, TechTarget | Read our Privacy Policy
  TechTarget - The IT Media ROI Experts