Nmap: A valuable open source tool for network security

Arguing for an increase in your IT security budget is often an arduous task, so many administrators turn to free open source tools to help get the job done. But how can they rely on tools with no commercial support and

    Requires Free Membership to View

that never get past the beta version? Well, if you think like that, you need to think again. Many open source tools now compare favorably with commercial alternatives in terms of features, reliability and help forums. One in particular, Nmap, has become the tool of choice for many network and security administrators for network mapping and vulnerability testing.

Nmap (Network Mapper) Security Scanner, written by Fyodor and now up to version 4, provides a wide range of port-scanning techniques designed to rapidly scan networks, large and small, for network exploration and security auditing. Nmap port-scanning can determine what hosts are available on a network, what services those hosts are offering, and what type of packet filters and firewalls are in use. It also has the ability to remotely fingerprint a machine's operating system. Most Unix and Windows platforms are supported, as is Mac OS X and several handheld devices. It is available in both command line and graphical user interface modes, a blessing for those system administrators who are less familiar with working at the command prompt.

So why do you need a network scanner? Nmap is a favorite hacker tool, so it makes sense to run your own scan, find open ports and see what information your network is leaking to potential attackers. A Windows machine, for example, can use hundreds of ports to communicate with other machines, and each open port is a potential route in to your network for an attacker. Port scanning with Nmap is a fast and effective way to identify which ports are open, what services are running on them and where weak spots exist in your defences. When you have identified which ports are open, you can close any that are not required, thus reducing the number of potentially exploitable services. And when you have mapped your network, you can also see if any unexpected changes have occurred since the last scan. For example, a machine infected by a worm will try to open ports in order to listen for instructions from its controller.

Nmap has won numerous awards, including the Linux Journal's Editor's Choice Award for Best Security Tool. Other accolades include being featured in the film Matrix Reloaded and appearing in a photograph of President Bush visiting the NSA. So if you want to add one of the most versatile network tools to your toolbox and discover what hackers can learn about your network, you should download your copy at www.insecure.org. In upcoming tip in this series, I will explain how to install and configure Nmap on both Linux and Windows machines.


 Nmap: A valuable open source tool for network security
  How to install and configure Nmap for Windows
  How to install and configure Nmap on Linux
  How to scan ports and services
  More port scanning techniques
  Firewall configuration testing
  Techniques for improving Nmap scan times
  Interpreting and acting on Nmap scan results
  Nmap parsers and interfaces
  Nmap and the open source debate


This was first published in May 2006

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.