Download Nmap 4.76

Nmap is a program for exploring and monitoring a network. It’s designed to scan a large network without delays, but it also runs smoothly on a single host. The program uses so-called ‘raw ip packets’ to retrieve active hosts and information about the available services. More information about the possibilities can be found on this page. The developers have released another new version with 4.76 as the version number this time. The announcement on the mailing list looks like this:

Nmap News: 4.76 release, Defcon presentation online, Is port scanning legal?

Hi everyone. I’m happy to report that the Nmap 4.75 release (with port frequencies, Zenmap topology, etc.) was a big success. But such large exposure inevitably leads to bug discovery, so we’ve released version 4.76 with about a dozen small fixes and stability improvements. If 4.75 is working great for you, there is probably no need to upgrade. But if you encountered problems, or if you are the type who waits a couple weeks for stabilization before trying a big new release, now is your chance to upgrade to 4.76. It’s available at the normal location. And you can read about the changes here.

Speaking of the big 4.75 changes, I presented many of them at Defcon and Black Hat last month in Las Vegas, including details behind my Worldscan project (scanning tens of millions of hosts all over the Internet) and some of the ways smart folks can use this empirical data to make your scans more effective.

But I know that some of you couldn’t make it to Defcon this year, and even many who came were turned away from my talk because the room was full :(. So now that 4.75 is out and includes most of the new features I demonstrate in the presentation, I’ve posted the audio, video, and slides online (along with a previous presentation at ShmooCon) at my new presentations page.

Note a few of the new features discussed (particularly Ncat and Ndiff) didn’t make it into 4.75, but they are available now in our SVN repository.

The third thing I wanted to mention is that I’ve freed Ch1 of my upcoming (in late October) Nmap book. I actually put this online a while back, but forgot to link to it or tell anyone :). The title is “Getting Started with Nmap”, which sounds too basic for a group of nmap-hackers. But there are several sections you might find interesting:

• “Legal issues” discusses whether unauthorized port scanning is a crime and also how to mitigate the risk of crashing target computers/networks.
• “The History and Future of Nmap” discusses where we’ve been and where we’re going.
• Sometimes the best way to understand something is to see it in action. The “Nmap Overview and Demonstration” section includes examples of Nmap used in (mostly) fictional yet typical circumstances. The Nmap experts here probably won’t learn much from this section, but it is good for getting newbies excited about Nmap and to understand the basics.

Enjoy all the new content!
-Fyodor

Version 4.76:

• There is a new “external” script category, for NSE scripts which rely on a third-party network resource. Scripts that send data to anywhere other than the target are placed in this category. Initial members are ASN.nse, dns-safe-recursion-port.nse, dns-safe-recursion-txid.nse, ripeQuery.nse, HTTP_open_proxy.nse, and whois.nse
• [Zenmap] A crash was fixed that affected Windows users with non-ASCII characters in their user names.
• [Zenmap] Several corner-case crashes were fixed.
• [Zenmap] A crash was fixed that happened when opening the Hosts Viewer with an empty list of hosts.
• Improved rpcinfo.nse to correctly parse a wider variety of server responses.
• [Zenmap] Fixed a data encoding bug which could cause the crash reporter itself to crash!
• Nmap’s Windows self-installer now correctly registers/deletes the npf (Winpcap) service during install/uninstall. Also the silent install mode was improved to avoid a case where the Winpcap uninstaller was (non-silently) shown.
• Nmap’s Windows self-installer now checks whether the MS Visual C++ runtime components have already been installed to avoid running it again (which doesn’t hurt anything, but slows down installation).
• Fixed an assertion failure where raw TCP timing ping probes were wrongly used during a TCP connect scan.
• Update the NSE bit library to replace deprecated use of luaL_openlib() with luaL_register(). This fixes a build error which occured on systems which have Lua libraries installed but LUA_COMPAT_OPENLIB not defined.
• [Zenmap] The automatic crash reporter no longer requires an email address.
• [Zenmap] Highlighting of hostnames was improved to avoid wrongful highlighting of certain elapsed times, byte counts, and other non-hostname data. The blue highlight effects are now more subtle (no longer bold, underlined, or italic)
• [Zenmap] A warning that would occur when a host had the same service running on more than one port was removed. Thanks to Toralf Förster for the bug report.