Quick list of cool new things in Nmap 4.00
Posted by Tate Hansen Fri, 03 Feb 2006 18:57:00 GMT
I'm catching up on the new features in Nmap 4.00 from this Security Focus interview with Fyodor. Some good things to remember:
- press [enter] anytime to get an estimate of when nmap will finish
- press 'v' anytime to enable verbose mode / press 'V' anytime to disable verbose mode
- there are now 3,153 signatures to detect an application or service (and possibly version) of a listening port
- there is a new --version-intensity option which specifies how hard nmap will interrogate a listening port
- new --badsum option which tells nmap to use invalid TCP or UDP checksums (can give you more information about a FW/IPS)
- Here is the link to Phrack #60 which gives the why and how of this new feature (written by Ed3f)
- much faster (although this depends on things like bandwidth, latency, and which command line options you specified)
- better OS detection (uses more tests to gain accuracy)
Here is a link to the official quick list of options for Nmap 4.00
