This is the last in a series of tips on how to use Nmap in an enterprise network environment.
When deciding which software tool to use for a particular task it is important to review what the software does, ensure that its functionality matches your requirements, understand what help and support is provided, and make an assessment of the total cost of ownership. Let's take a look at how Nmap weighs in.
As Nmap is free it obviously comes in ahead of other network mappers in terms of cost. However, many IT administrators remain wary of open source software, often citing the lack of any warranty protection as a drawback when selling a proposal involving open source tools to senior management. For critical applications, such as network operating systems, many feel it is too much of a risk. However, it's extremely unusual for proprietary software suppliers to actually warrant that their software will provide you with uninterrupted and error-free operation. While Nmap doesn't come with a warranty, it is well supported by its enthusiastic development and user support communities. It is also well-documented, with up-to-date man pages, whitepapers and tutorials, though there is no expensive hotline to call if you have a problem or query!
Mature, open source software, particularly in the field of IT security, can often be a viable alternative to proprietary software. A series of UK government-sponsored trials in to open source implementations (www.opensourceacademy.org.uk/solutions/casestudies) produced interesting results, concluding that open source application software used for specific tasks is often fit for purpose, as well as highlighting the fact that buying specialist software can lead buyers to suffer "hidden lock-in." However, as most open source software begins life on a Unix-based machine, the Windows-ported versions, which are often built on top of the original underlying library, don't necessarily take full advantage of the Windows environment in the way software written specifically for Windows does. Another area where open source tools do tend to fall behind their proprietary competitors is the integrated GUI. Thankfully there are some GUIs being developed for Nmap for those who prefer to stay away from the command line.
Nmap is developed under the GNU General Public License as published by the Free Software Foundation, Version 2, and also comes with full source code that you can modify and redistribute under the terms of the license. From a legal standpoint, you should read and understand how Nmap code can be used.
I'm certainly not advocating that open source software is the answer to every situation, but the fact that Nmap has been around for several years, has won numerous awards, and is included with many operating systems, makes it my tool of choice for network exploration and security auditing. It is a "best of breed" tool and is as good if not better than any commercial equivalent on the market.
NMAP TECHNICAL MANUAL
Nmap: A valuable open source tool for network security
How to install and configure Nmap for Windows
How to install and configure Nmap on Linux
How to Scan ports and services
More port scanning techniques
Firewall configuration testing
Techniques for improving Nmap scan times
Interpreting and acting on Nmap scan results
Nmap parsers and interfaces
Nmap and the open source debate
This was first published in October 2006