Most popular open source network discovery and security auditing tool Nmap has reached version 6.0.
The new code hit the Net last Monday, complete with a message from coder Gordon Lyon, aka Fyodor, that the new version represents “almost three years of work, 3,924 code commits, and more than a dozen point releases since the big Nmap 5 release in July 2009.”
Fyodor recommends all users upgrade to the new version, so they can get their hands on 289 new scripts and a host of new features.
- Enhanced Nmap Scripting Engine (NSE)
- Better Web Scanning
- Full IPv6 Support
- New Nping Tool
- Better Zenmap GUI and Results Viewer
- Faster Scans
A primary focus of this release is the Nmap Scripting Engine, which has allowed Nmap to expand up the protocol stack and take network discovery to the next level. Nmap can now query all sorts of
application protocols, including web servers, databases, DNS servers, FTP, and now even Gopher servers! Remember those? These capabilities are in self-contained libraries and scripts to avoid bloating Nmap’s core engine.
This release isn’t just about NSE. The Nping packet probing and analysis tool (http://nmap.org/nping/) is also added in 5.35DC1. Version 5.50 improves Nping further with an innovative new echo mode (http://bit.ly/nping-echo).
Also added 636 OS fingerprints and 1,037 version detection signatures to Nmap since 5.21, bringing the totals to 2,982 and 7,319, respectively. No other tool comes close.
Mausezahn is a free fast traffic generator written in C which allows you to send nearly every possible and impossible packet. It is mainly used to test VoIP or multicast networks but also for security audits to check whether your systems are hardened enough for specific attacks.
Mausezahn can be used for example:
- As traffic generator (e. g. to stress multicast networks)
- To precisely measure jitter (delay variations) between two hosts (e. g. for VoIP-SLA verification)
- As didactical tool during a datacom lecture or for lab exercises
- For penetration testing of firewalls and IDS
- For DoS attacks on networks (for audit purposes of course)
- To find bugs in network software or appliances
- For reconnaissance attacks using ping sweeps and port scans
- To test network behaviour under strange circumstances (stress test, malformed packets, …)
…and more. Mausezahn is basically a versatile packet creation tool on the command line with a simple syntax and context help. It could also be used within (bash-) scripts to perform combination of tests.
Currently Mausezahn is only available for Linux platforms.
As of version 0.38, Mausezahn supports the following protocols:
- BPDU or PVST
- TCP (stateless)
- ICMP (partly)
- RTP optionally RX-mode for jitter measurements
Insecure.Org announced the immediate, free availability of the Nmap Security Scanner version 5.00. This is the first stable release since 4.76 (last September), and the first major release since the 4.50 release in 2007. Dozens of development releases led up to this. Considering nearly 600 significant changes, this is the most important Nmap release since 1997.
The release notes provide the top 5 improvements in Nmap 5 as well as example runs and screen shots. The change details section includes improvements to the Nmap Scripting Engine, Zenmap GUI and Results Viewer, the new Ncat tool, the new Ndiff scan comparison tool, performance improvements, the new Nmap book, and much more!
1) Classic Command-Line Nmap
2) Zenmap’s new network topology graphing mode
Release Notes: http://nmap.org/5/