Nmap 7.90 Is Released With 1,200 New Fingerprints And 70+ Bugs Squashed

From LinuxReviews
Jump to navigationJump to search
Network-wired.png

The number one free software port scanning tool, as seen in movies like The Matrix Reloaded, Ocean's 8, Oliver Stone's 2016 Snowden film, Dredd, Elysium, Fantastic Four, The Bourne Ultimatium, Yippee Ki-Yay!, The Listening and Battle Royale, just got a lot better at identifying remote systems.

written by 윤채경 (Yoon Chae-kyung). published 2020-09-04last edited 2020-10-04

Trinity-in-matrix-1-using-nmap.jpg
Trinity using nmap to look for open ports in the movie The Matrix Reloaded (2003).

It's been 17 years since the movie The Matrix Reloaded came out. The nmap command the Trinity character in that movie used, nmap -v -sS -O 10.2.2.2 still works in the latest Nmap 7.90 release (assuming there is a host at 10.2.2.2 on the local network, 10./8 is reserved for private networks).

nmap arguments from The Matrix Reloaded
-v Verbose output (takes -vlevel)
-sS TCP SYN scan. Only available if you run it as root
-O Enable OS detection
10.2.2.2 This is the host to scan. You can also use entire networks, like 10.2.2.0/24

The big high-light in Nmap 7.90 is a much larger OS and service fingerprint database. Nmap 7.90 will more accurately identify what operating system machines are running on and it is also better at service detection. 800 new service/version fingerprints were added along with 330 IPv4 OS fingerprints and 67 IPv6 OS fingerprints.

There's also new NSE scripts, new protocol libraries and new payloads for host discovery, version detection and port scanning.

250 code quality issues identified by the "Continuous security analysis" service lgtm.com have been fixed since the last release. lgtm.com now rates Nmap as a "A+" product, up from Nmap 7.80's "C" rating.

This release re-licenses Nmap under a new "Nmap Public Source License" based on the GNU General Public License Version 2. This was done because Nmap used to be licensed under a somewhat confusing GNU GPL v2 "with exceptions" license which made no sense. A annotated version of the "Nmap Public Source License Version 0.92" can be read nmap.org/npsl/npsl-annotated.html. Preventing commercial use appears to be a big part of the new license. Nmap author Gordon Lyon, also known as "Fyodor", has created a new "Nmap OEM Edition" product, available at nmap.org/oem/, for companies who want to integrate Nmap as part of their products. A OEM Enterprise Redistribution license will cost you a whopping "$57,900, plus an optional annual maintenance fee of $17,370". The "cheaper" "Nmap OEM Small/Startup Company Redistribution License" can be had for "only" "US$37,900, plus an optional annual maintenance fee of $11,850".

The new license doesn't change anything for regular people or GNU/Linux distributions, the new license is essentially the same as the GNU GPL v2.

The release announcement listing all the 70 bugs fixed in Nmap 7.90 can be read at nmap.org/changelog.html#7.90. Binaries for Linux, Windows and macOS can be acquired from nmap.org/download.html.

0.00
(0 votes)

Add your comment
LinuxReviews welcomes all comments. If you do not want to be anonymous, register or log in. It is free.