Quick list of cool new things in Nmap 4.00
I'm catching up on the new features in Nmap 4.00 from this SecurityFocus interview with Fyodor. Some good things to remember:
- press [enter] anytime to get an estimate of when nmap will finish
- press 'v' anytime to enable verbose mode / press 'V' anytime to disable verbose mode
- there are now 3,153 signatures to detect an application or service (and possibly version) of a listening port
- there is a new --version-intensity option which specifies how hard nmap will interrogate a listening port
- new --badsum option which tells nmap to use invalid TCP or UDP checksums (can give you more information about a firewall/IPS)
  - Here is the link to Phrack #60 which gives the why and how of this new feature (written by Ed3f)
- much faster (although this depends on things like bandwidth, latency, and which command line options you specified)
- better OS detection (uses more tests to gain accuracy)
Here is a link to the official quick list of options for Nmap 4.00.
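An end host's TCP stack drops segments whose checksum does not verify, so a reply to a --badsum probe points to a firewall or IPS that answered without checking. The sketch below is an added example, not part of the original post or of Nmap: it performs that same verification over captured inbound segments, so a defender can see which sources are sending invalid checksums. The function names and the sample packets (documentation addresses) are constructed for illustration.

```python
import socket
import struct

def ones_complement_sum(data: bytes) -> int:
    """16-bit ones'-complement sum used by the TCP/UDP checksum (RFC 1071)."""
    if len(data) % 2:
        data += b"\x00"  # pad odd-length input
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:  # fold carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return total

def pseudo_header(src: str, dst: str, length: int) -> bytes:
    return (socket.inet_aton(src) + socket.inet_aton(dst)
            + struct.pack("!BBH", 0, socket.IPPROTO_TCP, length))

def tcp_checksum_ok(src: str, dst: str, segment: bytes) -> bool:
    """A valid segment sums to 0xFFFF with its checksum field included."""
    return ones_complement_sum(pseudo_header(src, dst, len(segment)) + segment) == 0xFFFF

def sample_syn(src: str, dst: str, sport: int, dport: int, corrupt: bool = False) -> bytes:
    """Constructed 20-byte SYN header for the demo; nothing is sent."""
    hdr = struct.pack("!HHIIBBHHH", sport, dport, 1000, 0, 5 << 4, 0x02, 1024, 0, 0)
    csum = 0xFFFF - ones_complement_sum(pseudo_header(src, dst, len(hdr)) + hdr)
    if corrupt:
        csum ^= 0x5555  # this flip always yields a value that fails verification
    return hdr[:16] + struct.pack("!H", csum) + hdr[18:]

def flag_badsum(packets):
    """Return (source, destination port) for segments that fail verification."""
    hits = []
    for src, dst, segment in packets:
        if len(segment) < 20:
            continue  # truncated capture: cannot judge
        if not tcp_checksum_ok(src, dst, segment):
            hits.append((src, struct.unpack("!H", segment[2:4])[0]))
    return hits

# Constructed sample capture (documentation addresses), not real traffic.
SAMPLE = [
    ("192.0.2.10", "198.51.100.5", sample_syn("192.0.2.10", "198.51.100.5", 40000, 443)),
    ("192.0.2.66", "198.51.100.5", sample_syn("192.0.2.66", "198.51.100.5", 40001, 22, corrupt=True)),
    ("192.0.2.66", "198.51.100.5", sample_syn("192.0.2.66", "198.51.100.5", 40002, 80, corrupt=True)),
]

if __name__ == "__main__":
    for src, port in flag_badsum(SAMPLE):
        print(f"invalid TCP checksum from {src} to port {port}")
```

Run this against inbound traffic only: with checksum offload enabled, packets the capture host itself sends are often recorded before the NIC fills in the checksum and will look invalid.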
