The Nmap Project has released the Holiday Edition of its open source, cross-platform security scanner and network mapper (holiday Nmap 7.40 release!), with several important improvements and bug fixes. The newer version is stuffed with dozens of new features with several important improvements and bug fixes, including:
• 12 new NSE scripts.
• Hundreds of updated OS and version detection signatures.
• Faster brute force authentication cracking and other NSE library improvements.
• A much-improved version of Npcap Windows packet capturing driver/library.
The Nmap (Network Mapper) Security Scanner is widely used by IT and security administrators for network mapping, port-scanning, and network vulnerability testing. The Namp is used by many security professionals around the world for network inventory, check for open ports, manage service upgrade schedules, and monitor host or service uptime.
The Nmap is mainly used for network discovery and performing security audits. It uses raw IP packets in creative ways to determine what hosts are available on the network, what services (application name and version) those hosts are providing information about, what operating systems (fingerprinting) and what type and version of packet filters/ firewalls are being used by the target. Moreover, with a network map, administrators can spot unauthorized devices, ports that shouldn’t be open, or users running unauthorized services.
There are many improvements done to Nmap, the newer version includes changes like:
- Updated the bundled Npcap from 0.10r9 to 0.78r5, with an improved installer experience, driver signing updates to work with Windows 10 build 1607, and bug fixes for WiFi connectivity problems.
- Integrated all IPv4 OS fingerprint submissions from April to September. Added 149 fingerprints, bringing the new total to 5,336. Additions include Linux 4.6, MacOS 10.12 Sierra, NetBSD 7.0, and more.
- Integrated all service/version detection fingerprints submitted from April to September. The signature count went up 3.1% to 11,095. We now detect 1161 protocols, from airserv-ng, domain time, and mep to nutcracker, rhpp, and usher.
- Fix reverse DNS on Windows which was failing with the message “mass_dns: warning: Unable to determine any DNS servers.” This was because the interface GUID comparison needed to be case-insensitive.
- NSE Added 12 NSE scripts from 4 authors, bringing the total up to 552.
- New option –defeat-icmp-ratelimit dramatically reduces UDP scan times in exchange for labeling unresponsive (and possibly open) ports as “closed|filtered”. Ports which give a UDP protocol response to one of Nmap’s scanning payloads will be marked “open”.
- Added scan resume from the Nmap’s XML output. Now you can –resume a canceled scan from all 3 major output formats: -oN, -oG, and –oX.
- Added scan resume from the Nmap’s XML output. Now you can –resume a canceled scan from all 3 major output formats: -oN, -oG, and -oXFix a bug where hosts with the same IP but different hostnames were shown as changing host names between scans. Made sort stable with regard to hostnames.
- Updated http.lua to allow processing of HTTP responses with malformed header names. Such header lines are still captured in the raw-header list but skipped otherwise.
- And much more.
After this new release, Nmap now detects 1,161 protocols, including airserv-ng, domain time, rhpp, and usher. The fingerprints help speed up overall scan times. But, the common issue when running a network scan is the time it takes to complete when some of the ports are unresponsive. For this, A new option—defeat-icmp-ratelimit— is introduced that will label unresponsive ports as “closed|filtered” in order to reduce overall UDP scan times.
Overall, the new release has fixed many bugs and comes with great improvements upon user’s response. However, Nmap is inviting users to report bugs if they found any in this new release. The bug can be reported through Nmap Dev list or bug tracker.