This is the last in a series of tips on how to use Nmap in an enterprise network environment.

    Requires Free Membership to View

More on Nmap

Learn how Nmap parsers and interfaces can work for you.

Discover how Nmap can benefit you.

When deciding which software tool to use for a particular task it is important to review what the software does, ensure that its functionality matches your requirements, understand what help and support is provided, and make an assessment of the total cost of ownership. Let's take a look at how Nmap weighs in.

As Nmap is free it obviously comes in ahead of other network mappers in terms of cost. However, many IT administrators remain wary of open source software, often citing the lack of any warranty protection as a drawback when selling a proposal involving open source tools to senior management. For critical applications, such as network operating systems, many feel it is too much of a risk. However, it's extremely unusual for proprietary software suppliers to actually warrant that their software will provide you with uninterrupted and error-free operation. While Nmap doesn't come with a warranty, it is well supported by its enthusiastic development and user support communities. It is also well-documented, with up-to-date man pages, whitepapers and tutorials, though there is no expensive hotline to call if you have a problem or query!

Mature, open source software, particularly in the field of IT security, can often be a viable alternative to proprietary software. A series of UK government-sponsored trials in to open source implementations (www.opensourceacademy.org.uk/solutions/casestudies) produced interesting results, concluding that open source application software used for specific tasks is often fit for purpose, as well as highlighting the fact that buying specialist software can lead buyers to suffer "hidden lock-in." However, as most open source software begins life on a Unix-based machine, the Windows-ported versions, which are often built on top of the original underlying library, don't necessarily take full advantage of the Windows environment in the way software written specifically for Windows does. Another area where open source tools do tend to fall behind their proprietary competitors is the integrated GUI. Thankfully there are some GUIs being developed for Nmap for those who prefer to stay away from the command line.

Nmap is developed under the GNU General Public License as published by the Free Software Foundation, Version 2, and also comes with full source code that you can modify and redistribute under the terms of the license. From a legal standpoint, you should read and understand how Nmap code can be used.

I'm certainly not advocating that open source software is the answer to every situation, but the fact that Nmap has been around for several years, has won numerous awards, and is included with many operating systems, makes it my tool of choice for network exploration and security auditing. It is a "best of breed" tool and is as good if not better than any commercial equivalent on the market.


NMAP TECHNICAL MANUAL

  Introduction
  Nmap: A valuable open source tool for network security
  How to install and configure Nmap for Windows
  How to install and configure Nmap on Linux
  How to Scan ports and services
  More port scanning techniques
  Firewall configuration testing
  Techniques for improving Nmap scan times
  Interpreting and acting on Nmap scan results
  Nmap parsers and interfaces
  Nmap and the open source debate

This was first published in October 2006

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.