Scanning and enumeration are two important tasks in hacking or penetration testing. You need to know the enemy and its vulnerabilities before attacking. These tasks used to be done manually or with other, less efficient tools. Then came NMAP, or Network Mapper. NMAP is a network reconnaissance tool for finding information about a host or an entire network, and it is a must-have tool for any systems administrator, security professional or hacker.
NMAP is an open-source tool available on all platforms (Windows, Linux, MacOS), so anyone in the professions stated above, or who wishes to get into them, can download and play with it. NMAP comes bundled with specialized distributions like ParrotOS and Kali Linux.
However, this tool is not to be toyed with within a corporate environment. If it is not used properly, the intrusion detection systems built into company networks will detect NMAP activity and put the user in jeopardy, unless the user is also the administrator. Unauthorized port scanning is illegal in some territories.
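As an added illustration of the detection point above (this is example code, not part of the original article), here is the kind of simple port-scan heuristic a network IDS applies: it reads firewall log lines and flags any source that touches many distinct ports on one host within a sliding time window. The log format, addresses and timestamps are constructed for the example.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed firewall log lines (not from the article). Three sources:
# 10.0.0.5 probes 11 ports in 10 seconds, 10.0.0.7 probes the same ports
# one every 5 minutes, and 10.0.0.9 makes a few ordinary web connections.
SCAN_PORTS = [21, 22, 23, 25, 53, 80, 110, 139, 443, 445, 3389]
LOG_LINES = [
    f"2024-03-01T09:00:{i:02d} src=10.0.0.5 dst=10.0.0.20 dport={p} proto=tcp action=deny"
    for i, p in enumerate(SCAN_PORTS)
] + [
    f"2024-03-01T09:{i * 5:02d}:00 src=10.0.0.7 dst=10.0.0.21 dport={p} proto=tcp action=deny"
    for i, p in enumerate(SCAN_PORTS)
] + [
    "2024-03-01T09:00:03 src=10.0.0.9 dst=10.0.0.20 dport=443 proto=tcp action=allow",
    "2024-03-01T09:00:07 src=10.0.0.9 dst=10.0.0.20 dport=443 proto=tcp action=allow",
    "2024-03-01T09:00:12 src=10.0.0.9 dst=10.0.0.20 dport=80 proto=tcp action=allow",
]

def parse_line(line):
    """Turn one 'ts key=value ...' log line into a dict with typed ts/dport."""
    ts_str, *fields = line.split()
    rec = dict(f.split("=", 1) for f in fields)
    rec["ts"] = datetime.fromisoformat(ts_str)
    rec["dport"] = int(rec["dport"])
    return rec

def detect_port_scans(lines, port_threshold=10, window_seconds=60):
    """Return sorted (src, dst, distinct_ports) alerts for every source that
    touched at least port_threshold distinct ports on one host within any
    window_seconds-long sliding window."""
    window = timedelta(seconds=window_seconds)
    hits_by_pair = defaultdict(list)  # (src, dst) -> [(ts, dport), ...]
    for line in lines:
        rec = parse_line(line)
        hits_by_pair[(rec["src"], rec["dst"])].append((rec["ts"], rec["dport"]))
    alerts = []
    for (src, dst), hits in hits_by_pair.items():
        hits.sort()
        best = start = 0
        for end in range(len(hits)):
            while hits[end][0] - hits[start][0] > window:  # slide window start
                start += 1
            best = max(best, len({port for _, port in hits[start:end + 1]}))
        if best >= port_threshold:
            alerts.append((src, dst, best))
    return sorted(alerts)
```

With the default 60-second window only the fast scanner is flagged; the source probing one port every five minutes slips through until the window is widened to an hour, which is why IDS tuning matters as much as the rule itself.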
NMAP can be considered a very advanced version of the Windows command ipconfig, mixed with whois and traceroute and much more. It can be used to easily scan entire networks, determine hacking targets, and determine their operating systems, open ports and exploitable vulnerabilities.
Once those are determined, hackers and security professionals can use tools such as Metasploit to exploit those vulnerabilities.
NMAP itself has quite a long history for a piece of technology, beginning in September 1997. It was first released in Issue 51 of Phrack magazine as an article containing 2,000 lines of code, with a slightly improved version in the following issue.
The second version came out in December 1998 and had grown to 8,000 lines of code thanks to additional tools, improvements and features. The number of users also grew substantially.
In April 1999 NMAP gained a GUI, but most users still preferred the command line. By December 2000 a native Windows version had been released. In July 2002 the author, network security expert Gordon Lyon, quit Netscape to work on NMAP full-time, and version 3 was released soon after with MacOS support.
NMAP gained more publicity and attention after it was shown in the film The Matrix Reloaded in May 2003, and it became a standard prop in Hollywood hacking films.
Version 3.7 featured a rewrite of the port scanning engine, improving its performance and allowing it to get past strict firewalls. NMAP then gained Google support in June 2005. Version 4 was released in January 2006 and included runtime interaction, which displayed task completion times.
NMAP gained more accurate OS detection in June 2006. Scripting support was added in December 2006, enabling users to create their own scripts to automate various tasks. July 2007 brought a new GUI, and version 4.5 was released that December to mark the tool’s 10th anniversary.
In September 2008 version 4.75 was released with vast improvements in scripting, features, the GUI and OS detection. In March 2009 NMAP was in high demand to help deal with the devastating Conficker worm.
NMAP 5 was released in July 2009, by then with a tarball size of 27 MB. The following month saw more improvements to its built-in tools. In May 2012 NMAP version 6 was released. As of October 2020, NMAP is at version 7.9.
NMAP is used by practically every hacker and security professional to audit networks and scan for active hosts, open ports and vulnerabilities. It can be used for network inventory, network maintenance and asset management, auditing the security of new devices such as firewalls and servers, and generating network traffic to analyze host response times. It’s the perfect tool for aspiring hackers or pen-testers to get started on the basics of hacking, and a great tool for systems administrators as well.