This is the last in a series of tips on how to use Nmap in an enterprise network environment.
When deciding which software tool to use for a particular task, it is important to review what the software does, ensure that its functionality matches your requirements, understand what help and support is provided, and make an assessment of the total cost of ownership. Let's take a look at how Nmap weighs in.
As Nmap is open source and free, it obviously comes in ahead of other network mappers in terms of cost. However, many IT administrators remain wary of open source software, often citing the lack of any warranty protection as a drawback when selling a proposal involving open source tools to senior management. For critical applications, such as network operating systems, many feel it is too much of a risk. However, it's extremely unusual for proprietary software suppliers to actually warrant that their software will provide you with uninterrupted and error-free operation. While Nmap doesn't come with a warranty, it is well supported by its enthusiastic development and user support communities. It is also well-documented, with up-to-date man pages, whitepapers and tutorials, though there is no expensive hotline to call if you have a problem or query!
Mature, open source software, particularly in the field of IT security, can often be a viable alternative to proprietary software. A series of UK government-sponsored trials of open source implementations (www.opensourceacademy.org.uk/solutions/casestudies) produced interesting results, concluding that open source application software used for specific tasks is often fit for purpose, as well as highlighting the fact that buying specialist software can lead buyers to suffer "hidden lock-in." However, as most open source software begins life on a Unix-based machine, the Windows-ported versions, which are often built on top of the original underlying library, don't necessarily take full advantage of the Windows environment in the way software written specifically for Windows does. Another area where open source tools do tend to fall behind their proprietary competitors is the integrated graphical user interface (GUI). Thankfully there are some GUIs being developed for Nmap for those who prefer to stay away from the command line.
The open source Nmap software is developed under the GNU General Public License as published by the Free Software Foundation, Version 2, and also comes with full source code that you can modify and redistribute under the terms of the license. From a legal standpoint, you should read and understand how Nmap code can be used.
I'm certainly not advocating that open source software is the answer to every situation, but the fact that Nmap has been around for several years, has won numerous awards and is included with many operating systems, makes it my tool of choice for network exploration and security auditing. It is a "best of breed" tool and is as good if not better than any commercial equivalent on the market.
Nmap technical manual
- An introduction to Nmap
- Nmap: A valuable open source tool for network security
- How to install and configure Nmap for Windows
- How to install and configure Nmap on Linux
- How to scan ports and services with Nmap
- More port scanning techniques
- Firewall configuration testing
- Techniques for improving Nmap port scan times
- How to interpret and act on Nmap scan results
- Nmap parsers and interfaces
- Nmap and the open source debate
About the author:
Michael Cobb, CISSP-ISSAP, is a renowned security author with over 20 years of experience in the IT industry. He has a passion for making IT security best practices easier to understand and achievable. His website http://www.hairyitdog.com offers free security posters to raise employee awareness of the importance of safeguarding company and client data and of following good practices. He co-authored the book IIS Security and has written many technical articles for leading IT publications. Mike has also been a Microsoft Certified Database Manager and registered consultant with the CESG Listed Advisor Scheme (CLAS).
Discover how Nmap 4.01 improves upon past releases
Nmap 5.20 released, learn about its 150+ improvements
Join the discussion: Nmap and the open source debate