Intro Reference Guide Book Install Guide Download Changelog Zenmap GUI Docs Bug Reports OS Detection Propaganda Related Projects In the Movies In the News

Nmap has received a lot of press lately. Here are links to relevant stories. If you see Nmap featured in other articles or books, please let Fyodor know.

Nmap has now been in so many movies, they have been moved to a special Nmap movies page. This page only covers news articles, reviews, books, and popular culture references.

Nmap tutorials and other documentation is posted on the Nmap documentation page instead.

Journalists/Authors: please tell me before you publish articles about Nmap. I would be happy to review them and point out any updated information/inaccuracies or provide pointers to other resources that might help. Even if you don't write me first, you can send me the URL (if any) when it is published and I will add a link here. I have also provided technical reviews of many books that relate to Nmap and security.

• Nmap wins Linux Journal's Editor's Choice Award for Best Security Tool. The article raves:

  You know your program has caught on when people start to use its name as a verb. Running Nmap every time you set up a new Linux server, and periodically to see if anything has changed on your network, has become a standard security practice. It's no coincidence that the spread of Nmap has coincided with Linux distributions finally paring down the menu of potentially exploitable services offered by default. For providing an easy-to-use "security idiot light" to Linux system administrators and distributions everywhere, Nmap, we salute you.

• US President George W. Bush visited the NSA headquarters at Fort Meade in January 2006. A wall-sized status screen in the background displays the latest versions of Nmap and some of our other favorite open source tools. Pictures were printed in the February 6, 2006 edition of Newsweek (article) and the Jan 27 Washington Post (article). The page on the screen is the Talisker Radar. We don't like the NSA tracking our phone calls and email, but they may track Nmap releases all they want.
  

  Loading an external web site on their giant screen was risky. Imagine if this happened (thanks php0t)!

• Nmap wins LinuxQuestions.Org Security App of the Year award. Nmap received more votes (56.45%) than all of the other entries combined. Second and third place went to Snort (15.5%) and Nessus (14.9%).
• "Hack in Progress" -- Information Week, September 8 2003 -- describes how an "ethical hacker" breaks into a client's corporate network:

  As Breed clicks away on his notebook, he lets an occasional grin surface, lifts his eyebrows, and crinkles his forehead. After jotting down the domain addresses, he takes an educated guess at what may be the block of network addresses on the company's system. He launches Nmap, or Network Mapper, and begins sweeping to see what his guess may turn over. Nmap uses IP packets to see what operating systems the network is running, what servers are connected to it, what services and ports are available, even whether packet filters and firewalls are in place.

• Nmap wins Info World's 1998 Best Information Security Product award (along with IETF's IPSEC implementation and L0phtcrack).[local copy]
• The CIO Institute Bulletin On Computer Security Vol. 2. No. 3. advances the theory that the "coordinated multi-national attacks" on the Pentagon which have been on the news lately may really be bored teenagers using nmap :).
• the SANS Intrusion Detection FAQ [local copy] includes a page by John Green (of the US Naval Surface Warfare Center) describing the capabilities of Nmap. He concludes that:

  The intelligence that can be garnered by using nmap is extensive. It provides all the information that is needed for a well-informed, full-fledged, precisely targeted assault on a network. Such an attack would have a high probability of success, and would likely go unnoticed by organizations that lack intrusion detection capabilities.

• "Free Windows-based scanners are plentiful, but only Asmodeus shows promise " -- Info World July 6, 1998. This InfoWorld security column examines Windows scanners and concludes that users should give up on the Windows scanners and "take the time to install a Linux box and use nmap." [local copy]
• "Hacker's Toolchest -- Techniques and tools for penetration tessting" [ local copy] was run by SunWorld and interviews Marc Abene, Brian Martin, and Rain Forest Puppy about their favorite tools. We were flattered that they wrote:
  

  Perhaps the most versatile and widely-used tool for penetration testing today. Offering a wide range of port-scanning techniques, this utility will report which ports are open, who owns each process, which service is typically assigned to the port, the probability of a TCP sequence prediction attack, and more. Another useful feature of nmap is its ability to remotely "fingerprint" a machine's operating system. This utility has become the penetration tester's Swiss Army Knife.

• The Confessions of a White Hat Hacker [local copy] in ComputerWorld describes the author's (a security manager) experience with Nmap:

  Nmap impressed me. It's simple, it's powerful, and it does exactly what it says it does: It maps your network.... It's much faster [ than ISS], and it's designed to be run in "stealth mode" so as to avoid detection by intrusion detection software. It certainly snuck in beneath the radar of our intrusion detection software, RealSecure from ISS. That's something we'll have to sort out.

• Dec. 1998 Codetalker Digest names Nmap Security Product of the Year in the "Audit and Scanning" category. [local copy]
• Network Intrusion Detection, an Analyst's Handbook by Stephen Northcutt includes a 9-page section on Nmap. The first edition describes Nmap as follows (pp. 186):

  So what is nmap? It is one of the most powerful information-gathering tools available at any price to both the attacker and defender. There are a variety of scanning modes available, as well as TCP fingerprinting and an assessment of TCP sequence number prediction difficulty.

• "Cracking Tools Get Smarter" -- Wired March 3 1999 [local copy]
• Network Magazine ran System Fingerprinting With Nmap by Rik Farrow. This article does a good job of describing TCP/IP stack fingerprinting in laymen's terms. [local copy]
• The June 2001 issue of Information Security Magazine ran an article on portscanning entitled Plugging Leaky Holes [local copy]. The article gives an overview of scanning and paints a flattering picture of Nmap:

  Probably the best-known port scanner is nmap, which finds all open ports and detects the OS on hosts within an IP address range ... nmap is useful in uncovering critical information that an attacker may use, such as the likelihood of successfully guessing the TCP initial sequence number (a common attack mechanism) and the host's OS (essential when searching for vulnerabilities). For those who perfer a GUI-based application, there's a graphical front end available for Nmap.

• Linux Journal has a good overview of Nmap in the May '01 issue entitled Checking Your Work with Scanners, Part I (of II): nmap. It describes Nmap as the "World Champion Port-Scanner" and summarizes that "in short, Nmap is by far the most feature-rich and versatile port-scanner available today". [ local copy]
• The Chicago Tribune ran an article on Getting to know your network services. This is a good intro on the very basics of port scanning. The article recommends Nmap. [local copy]
• Info World's June 8,1998 Security Watch column gives a favorable review of nmap [local copy]
• " New Generation of Scanning Tools Mask Source of Attack" -- Computer World March 15, 1999. [local copy]
• "When Good Scanners Go Bad" -- Computer World March 22, 1999. [local copy]
• "The Art and Detection of Port Scanning" is an introductory article which focuses on Nmap and appeard in Sys Admin Magazine in November 1998. I haven't found a online link to it. My prior Phrack 51 article entitled "The Art of Port Scanning" gives a more technical overview anyway.
• "Passive-Aggressive Resistance: OS Fingerprint Evasion" is an article in the September '01 Linux Journal which discusses ways to evade Nmap OS detection.
• "Diary of a hack attack" -- Network World, January 10, 2000. Discusses the activities of a professional security auditor. "Hacker Bob prefers network mapping (nmap) ... it's a port scanner on steroids." [ local copy]
• SANS Broadcast: What the Hackers Know About You III - 3/2/99 is an hour long interview with H. D. Moore (developer of nlog, the database interface to nmap) and John Green, member of the Shadow Intrusion Detection Team about Nmap & NLog. Sadly, it is not available in any open format (like MP3).
• The Spring 1999 issue of 2600 has an article called "Network Scanning with Nmap". Someone OCR'd it and sent me a copy. Here is the unformatted text. Note that the options and flags he mentions are for a very old version of nmap and aren't very relevant to nmap 2.X.