Cookies op Tweakers

Tweakers maakt gebruik van cookies, onder andere om de website te analyseren, het gebruiksgemak te vergroten en advertenties te tonen. Door gebruik te maken van deze website, of door op 'Ga verder' te klikken, geef je toestemming voor het gebruik van cookies. Wil je meer informatie over cookies en hoe ze worden gebruikt, bekijk dan ons cookiebeleid.

Meer informatie

Door , , 7 reacties
Bron: Nmap

Nmap is een programma voor het verkennen en controleren van een netwerk. Het is ontworpen om zonder vertragingen een groot netwerk te scannen en werkt ook zonder problemen op een enkele host. Het programma maakt gebruik van 'raw ip packets' om actieve hosts en informatie over de beschikbare services te achterhalen. Het wordt gebundeld met NSE waarmee je scripts kan gebruiken voor het detecteren van beveilingslekken, vergelijkbaar met Nessus of OpenVAS kwa idee; Zenmap waarmee een visuele topology van de gedetecteerde netwerkomgeving gegenereerd wordt; en Ncat waarmee je netwerkverkeer kan onderscheppen, analyseren, aanpassen, etc. Meer informatie over de mogelijkheden is te vinden op deze pagina. De ontwikkelaars hebben ter gelegenheid van de negentiende verjaardag de tweede bètaversie van Nmap 7.25 uitgebracht, voorzien van de volgende aankondiging op de mailinglijst:

Nmap 7.25BETA2 Birthday Release

Hi folks! I'm happy to report that today is Nmap's 19th birthday and instead of cake, we're celebrating open source style with a new release! Nmap 7.25BETA1 includes dozens of performance improvements, bug fixes, and new features. The full list is below, and includes a major LUA upgrade for NSE scripts, a new overlapped I/O engine for better Windows performance, a much-improved version of our new Npcap packet capturing driver, new NSE scripts, integration of more than 500 of your fingerprint submissions, and more!

Nmap 7.25BETA2 source code and binary packages for Linux, Windows, and Mac are available for free download from the usual spot. If you find any bugs in this release, please let us know on the Nmap Dev list or bug tracker.

Here are the changes since the 7.25BETA1 release in July:
  • [NSE] Upgraded NSE to Lua 5.3, adding bitwise operators, integer data type, a utf8 library, and native binary packing and unpacking functions. Removed bit library, added bits.lua, replaced base32, base64, and bin libraries.
  • Integrated all of your service/version detection fingerprints submitted from January to April (578 of them). The signature count went up 2.2% to 10760. We now detect 1122 protocols, from elasticsearch, fhem, and goldengate to ptcp, resin-watchdog, and siemens-logo.
  • Upgraded Npcap, our new Windows packet capturing driver/library, from version 0.07-r17 to 0.09.
  • [Nsock] Added the new IOCP Nsock engine which uses the Windows Overlapped I/O API to improve performance of version scan and NSE against many targets on Windows.
  • Windows binaries are now code-signed with our "Insecure.Com LLC" SHA256 certificate. This should give our users extra peace-of-mind and avoid triggering Microsoft's ever-increasing security warnings.
  • Various performance improvements for large-scale high-rate scanning, including increased ping host groups, faster probe matching, and ensuring data types can handle an Internet's-worth of targets.
  • [NSE] Added the oracle-tns-version NSE script which decodes the version number from Oracle Database Server's TNS listener.
  • [NSE] Added the clock-skew NSE script which analyzes and reports clock skew between Nmap and services that report timestamps, grouping hosts with similar skews.
  • [Zenmap] Long-overdue Spanish language translation has been added! Muybien!
  • [Zenmap] Fix a crash when closing Zenmap due to a read-only zenmap.conf. User will be warned that config cannot be saved and that they should fix the file permissions.
  • [NSE] Fix a crash when parsing TLS certificates that OpenSSL doesn't support, like DH certificates or corrupted certs. When this happens, ssl-enum-ciphers will label the ciphersuite strength as "unknown." Reported by Bertrand Bonnefoy-Claudet.
  • [NSE] Fix two issues in sslcert.lua that prevented correct operations against LDAP services when version detection or STARTTLS were used.
  • Remove a workaround for lack of selectable pcap file descriptors on Windows, which required including pcap-int.h and locking us to a single version of libpcap. The new method, using WaitForSingleObject should work with all versions of both WinPcap and Npcap.
  • [NSE] Added a --script-timeout option for limiting run time for every individual NSE script.
  • [Ncat] Added a -z option to Ncat. Just like the -z option in traditional netcat, it can be used to quicky check the status of a port. Port ranges are not supported since we recommend a certain other tool for port scanning.
  • Fix checking of Npcap/WinPcap presence on Windows so that "nmap -A" and "nmap" with no options result in the same behaviors as on Linux (and no crashes)
  • [NSE] ssl-enum-ciphers will now warn about 64-bit block ciphers in CBC mode, which are vulnerable to the SWEET32 attack.
  • [NSE] tftp-enum now only brute-forces IP-address-based Cisco filenames when the wordlist contains "{cisco}". Previously, custom wordlists would still end up sending these extra 256 requests.
  • Avoid an unnecessary assert failure in timing.cc when printing estimated completion time. Instead, we'll output a diagnostic error message: Timing error: localtime(n) is NULL where "n" is some number that is causing problems.
  • [NSE] Removed the obsolete script ip-geolocation-geobytes.
  • [NSE] Completed a refresh and validation of almost all fingerprints for script http-default-accounts. Also improved the script speed.
  • Added support for decoys in IPv6. Earlier we supported decoys only in IPv4.
  • Allow Nmap to compile on some older Red Hat distros that disable EC crypto support in OpenSSL.
  • Nmap now supports OpenSSL 1.1.0-pre5 and previous versions.
  • [Ncat] Fix a crash ("add_fdinfo() failed.") when --exec was used with --ssl and --max-conns, due to improper accounting of file descriptors.
  • FTP Bounce scan: improved some edge cases like anonymous login without password, 500 errors used to indicate port closed, and timeouts for LIST command. Also fixed a 1-byte array overrun (read) when checking for privileged ports.
  • Allow target DNS names up to 254 bytes. We previously imposed an incorrect limit of 64 bytes in several parts of Nmap.
  • [NSE] The hard limit on number of concurrently running scripts can now increase above 1000 to match a high user-set --min-parallelism value.
  • [NSE] Solved a memory corruption issue that would happen if a socket connect operation produced an error immediately, such as Network Unreachable. The event handler was throwing a Lua error, preventing Nsock from cleaning up properly, leaking events.
  • [NSE] Added the datetime library for performing date and time calculations, and as a helper to the clock-skew script.
  • Made Nmap's parallel reverse DNS resolver more robust, fully handling truncated replies. If a response is too long, we now fall back to using the system resolver to answer it.
  • [Zenmap] Added a legend for the Topography window.
Enjoy the new birthday release!

Cheers,
Fyodor
Versienummer:7.25 bta 2
Releasestatus:Beta
Besturingssystemen:Windows 7, Linux, BSD, macOS, Solaris, UNIX, Windows Server 2008, Windows Server 2012, Windows 8, Windows 10
Website:Nmap
Download:https://nmap.org/download.html
Licentietype:GPL
Moderatie-faq Wijzig weergave

Reacties (7)

Nu ken ik het programma niet maar ga het wel proberen omdat op ons werknetwerk sterke pieken en dalen in de performance zitten. Zou ik die met deze tool ook kunnen achterhalen?

Zo niet is er een alternatief dat probleem situaties in een bedrijfsnetwerk kan opsporen?
Nmap gebruik ik voornamelijk om port scans mee uit te voeren. Geen idee of latency debugging er ook mee mogelijk is.
NMAP is hier minder of niet geschikt voor. Voor network performance troubleshooting raad ik Wireshark aan. En dan controleren op delays in opeenvolgende TCP pakketten.

Mocht je training willen in Wireshark, kan ik van harte de CBT Nuggets Wireshark met Keith Barker aanbevelen. Ik heb er, als systeembeheerder, een hoop van geleerd. :)
Voor degenen die het nog niet kennen: er is ook ZenMap. Een gui die het gebruik van Nmap en het herleiden van informatie daaruit een stuk makkelijker maakt, althans visueler.

[Reactie gewijzigd door twicejr op 6 september 2016 12:15]

In de windows-installer wordt deze standaard aangeboden.
Klopt alleen is die vreselijk instabiel.


Om te kunnen reageren moet je ingelogd zijn



Apple iOS 10 Google Pixel Apple iPhone 7 Sony PlayStation VR AMD Radeon RX 480 4GB Battlefield 1 Google Android Nougat Watch Dogs 2

© 1998 - 2016 de Persgroep Online Services B.V. Tweakers vormt samen met o.a. Autotrack en Carsom.nl de Persgroep Online Services B.V. Hosting door True