This is the ninth in a series of tips on how to use Nmap in an enterprise network environment.

For a security tool to be useful you have to be able to understand what it's telling you about the setup, security, or weak points of your system or network. With Nmap you can run very comprehensive tests. To analyze the results it is often best to have the output recorded in XML format so that it can be easily imported into a database or converted into HTML for analysis and human consumption.

You can have Nmap's output saved as XML by adding the -oX option to your Nmap command, as in:

nmap -A -oX scanreport.xml www.yourorg.com To organize and make the XML output more presentable, you can use the style sheet option (--stylesheet). The XML file will point to a style sheet for formatting and transformation using the eXtensible Stylesheet Language (XSL), which describes how the XML document should be displayed. Nmap includes a default XSL styles sheet called nmap.xsl, the latest version of which you can also reference by including the full URL in the command line: nmap -A -oX --stylesheet http://insecure.org/nmap/data/nmap.xsl scanreport.xml www.yourorg.com Referencing a style sheet located on the Web enables you to view correctly formatted results on a machine that doesn't have Nmap or nmap.xsl installed. You can, of course, also opt to use your own style sheet.

    Requires Free Membership to View

More information on Nmap

Learn the benefits of Nmap

Review five freeware tools that can help mitigate network vulnerabilities

The main advantage of Nmap being a command-line application is that it is easier to run from a script, and precise scans can be executed without having to set lots of different options. However this can be intimidating for new and infrequent users. NmapFE is a graphical X Window front end for Nmap. Most of its options correspond directly to Nmap options, allowing you to select your targets, set your scanning options and view the results of your scan. It also shows you the actual Nmap command you're creating on the command line, which is a great way to learn how to construct complex Nmap command line instructions.

Although there is no official release date, Nmap creator Fyodor hopes to have a compatible version of NmapFE for Windows out this year. Meanwhile, you can try using NMapWin, which is a Windows front-end for Nmap with a similar look and feel to the GTK style front-end of NmapFE, and includes all of Nmap's command line switches. It can be downloaded from nmapwin.sourceforge.net/.

Various simple Web-based interfaces to Nmap also exist, allowing Nmap to be controlled using a Web browser. Nmap-web available at www.komar.org/pres/nmap-web/ is a Perl-based Web interface for machines running on Unix or Linux, and allows you to select a list of ports and a list of hosts for Nmap to scan for open ports. Localscan also requires Perl and is designed to reduce the amount of unwanted information returned by Nmap scans of a given subnet by using a list of "ignore this host/port combination" rules. More information is available at staff.washington.edu/dgreene/localscan/.


NMAP TECHNICAL MANUAL

 Introduction
  Nmap: A valuable open source tool for network security
  How to install and configure Nmap for Windows
  How to install and configure Nmap on Linux
  How to scan ports and services
  More port scanning techniques
  Firewall configuration testing
  Techniques for improving Nmap scan times
  Interpreting and acting on Nmap scan results
  Nmap parsers and interfaces
  Nmap and the open source debate

This was first published in September 2006

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.