WAN Validation Testing (by Tommy Landry and Steve Mitchell)
Managing the "Cloud" in Cloud Computing (by Alex Henthorn-Iwane)

Exclusive Review of Nmap 5.0 (by Tim O'Neill)

Tim_oneillEditor Profile - Tim O’Neill is an independent technology consultant. He has over 30 years experience working in the WAN, Analog, ISDN, ATM and LAN test market. Tim has worked with companies like Navtel, Network General, Ganymede and ClearSight Networks and is now helping companies get lab recognition and technology verification. Tim is also the Chief Contributing Editor for LoveMyTool.com, a website designed to help network managers gain access to valuable information and real solution stories from other customers. Tim is a patent holding, published and degreed engineer, who has seen this technology grow from Teletype (current loop) data analysis to today’s 10 Gigabit LAN’s focused on business applications with heavy compliance demands.

Tim can be reached at oldcommguy (at) bellsouth (dot) net.

Nmap ( Network Mapper) 5.00 is Released!

The best open source security solution just got better!

The most Significant release since 1997!

Today, July 16, 2009 -- Insecure.Org is pleased and excited to announce the immediate and free availability of the Nmap Security Scanner version 5.00.

Oldcommguy™ and Lovemytool.com are proud to be part of the announcement for Nmap V5.0. The new Nmap firmly sets the definition for Network Security and Exploitation analysis. Further the Nmap v5.0 is an essential Network Management Solution for Today’s difficult Compliance, Security and Networking duties. With Nmap v5.0 these duties have just been made easier and much more dynamic.

So a “Great Job” to the Nmap Team, they should be very proud of this unbelievable achievement!

FyodorGordon Lyon (also known as Fyodor) released Nmap in 1997 and continues to coordinate its development. He also maintains the Insecure.Org, Nmap.Org, SecLists.Org, and SecTools.Org security resource sites and has written seminal papers on OS detection and stealth port scanning. He is a founding member of the Honeynet Project, a popular speaker at security conferences, and author or co-author of the books "Nmap Network Scanning", "Know Your Enemy: Honeynets" and "Stealing the Network: How to Own a Continent".

I have been using Nmap for years and promote it to Compliance, Security and Network engineers. Nmap should be used in training our new generation of Engineers as it should be used as an essential tool and will lead to much enlightening and valuable information about one’s network. As the Compliance, Security and Networking disciplines converge Nmap will be become even more essential for base lining network and segment architecture with connection information and highlighting potentially dangerous changes.

I rate Nmap a 5 star tool *****, one that every one should use! Oldcommguy™

The original author of Nmap, Gordon “Fyodor” Lyon, is proud to announce this very major release with many new items and significant improvements! In actual fact, Fyodor told me that the Nmap Changelog will describe nearly 600 significant improvements since the last major release (4.50), now that is significant growth! More Media info at NmapPress.

Nmap ("Network Mapper") is the predominant and free open source (GNU GPL license) utility for network exploration and security auditing. Nmap has been named “Security product of the Year” by Linux Journal, Info World, CodeTalker Digest and LinuxQuestions.org. These are very high honors for an Open Source Solution but these accolades and more are well deserved by this awesome and very needed network solution!

Mike_pennacchiMike Pennacchi, Owner - Network Protocol Specialists, LLC says about Nmap:

“While there are a number of tools out there that will scan a network and show which devices will reply to an ICMP Echo Request (PING), none provide the level of detail provided by Nmap. When performing network assessments, we at NPS have found Nmap to be an invaluable tool for not only determining which devices are connected to the network, but also which services are running on them. Congratulations on V5.0 we cannot wait to make use of the additions.”

Gerald_CombsGerald Combs – Founder of Wireshark fka Ethereal – talks about Nmap -

“Nmap has been an essential tool for every network and security professional for more than ten years. These new features in Nmap 5.0 represent a major leap forward in helping you keep your network documented and secure. Great job and Congratulations.”

This new version allows for network inventory and answers the “What has changed question to be answered” when used with NDiff. Another new and super ability for network and security managers is the capability to point at a network or segment, map it with Zenmap than save as an .svg file (scalable vector graphic) for visual labeling, comparisons, documentation…etc through tools like Inkscape (Inkscape.org).

One of the biggest issues facing network and security managers is the arduous task of network mapping and with Nmap V5.0 this task is very easy and simple. For Compliance studies Nmap offers many features to assure connectivity and documentation as well as assisting in change and upgrade management.

Just some same screens from Nmap V5.0 – very cool and sophisticated visualizations -

#1 - zenmap nmap5 server detail

Zenmap nmap5 server detail

#2 - zenmap nmap5 Services Detail

Zenmap nmap5 Services Detail

#3 - zenmap nmap5 topology detail

Zenmap nmap5 topology detail

Listed below are the Top 5 new and very powerful Tools and Changes in Nmap V5.0!

1. The new Ncat tool aims to be your Swiss Army Knife for data transfer, redirection, and debugging. We released a whole users' guide detailing security testing and network administration tasks that are made easy with Ncat.

2. The addition of the Ndiff scan comparison tool completes Nmap's growth into a whole suite of applications which work together to serve network administrators and security practitioners. Ndiff makes it easy to automatically scan your network daily and report on any changes (systems coming up or going down or changes to the software services they are running). The other two tools now packaged with Nmap itself are Ncat and the much improved Zenmap GUI and results viewer.

3. Nmap performance has improved dramatically. We spent last summer scanning much of the Internet and merging that data with internal enterprise scan logs to determine the most commonly open ports. This allows Nmap to scan fewer ports by default while finding more open ports. We also added a fixed-rate scan engine so you can bypass Nmap's congestion control algorithms and scan at exactly the rate (packets per second) you specify.

4. We released Nmap Network Scanning, the official Nmap guide to network discovery and security scanning. From explaining port scanning basics for novices to detailing low-level packet crafting methods used by advanced hackers, this book suits all levels of security and networking professionals. A 42-page reference guide documents every Nmap feature and option, while the rest of the book demonstrates how to apply those features to quickly solve real-world tasks. More than half the book is available in the free online edition.

5. The Nmap Scripting Engine (NSE) is one of Nmap's most powerful and flexible features. It allows users to write (and share) simple scripts to automate a wide variety of networking tasks. Those scripts are then executed in parallel with the speed and efficiency you expect from Nmap. All existing scripts have been improved, and 32 new ones added. New scripts include a whole bunch of MSRPC/NetBIOS attacks, queries, and vulnerability probes; open proxy detection; whois and AS number lookup queries; brute force attack scripts against the SNMP and POP3 protocols; and many more. All NSE scripts and modules are described in the new NSE documentation portal.

Be sure to check out and purchase Fyodor’s Nmap Handbook with valuable topics like - “Detecting and Subverting Firewalls and Intrusion Detection Systems”, “Optimizing Nmap Performance”, “Port Scanning Techniques and Algorithms”, “Host Discovery (Ping Scanning)”, and more. Portions of the book are available free at http://nmap.org/book/toc.html !

Oldcommguy™ note – If you are interested in Network Security and or the lack thereof (Vulnerability), I suggest that you should read Fyodor’s books, I own and have read all three of his books and refer to them often.

Continue reading other Editorial posts by Tim O'Neill »