Linux is far and away the most popular platform for running
Nmap. In one user survey, 86% said that Linux was at
least one of the platforms on which they run
Nmap.
Linux users can choose between a source code install or using
binary packages provided by their distribution. The binary packages
are generally quicker and easier to install, and are often slightly
customized to use the distribution's standard directory paths and
such. These packages also allow for consistent management in terms of
upgrading, removing, or surveying software on the system. A downside
is that packages created by the distributions are necessarily behind
the Insecure.Org source releases. Most Linux distributions
(particularly Debian and Gentoo) keep their Nmap package relatively
current, though a few are way out of date. Choosing the source
install allows for more flexibility in determining how Nmap is built
and optimized for your system. To build Nmap from source, see the section called “Unix Compilation and Installation from Source Code” Here are simple package instructions for
the most common distributions.
RPM-based Distributions (Red Hat, Mandrake, Suse, Fedora)
I build RPM packages for every release of Nmap and post them to
the Nmap download page at http://nmap.org/download.html
I build two packages: The nmap
package contains
just the command-line executable and data files, while the
zenmap
package contains the optional Zenmap
graphical frontend (see Chapter 12, Zenmap GUI Users' Guide
The zenmap
package is optional and only
necessary for those who want a GUI interface to Nmap. It does require
that the nmap
package be installed first. One down
side to installing the RPMs rather than compiling from source is that
the RPMs don't support OpenSSL for version detection of SSL services.
Installing via RPM is quite easy—it
even downloads the package for you when given the proper URLs. The following example downloads and installs Nmap 4.62, including the frontend. Of course you should use the latest version at the download site above instead. Any existing RPM-installed versions are
upgraded. Example 2.7, “Installing Nmap from binary RPMs” demonstrates this installation process.
Example 2.7. Installing Nmap from binary RPMs
# rpm -vhU http://nmap.org/dist/nmap-4.62-1.i386.rpm
Retrieving http://nmap.org/dist/nmap-4.62-1.i386.rpm
Preparing... ########################################### [100%]
1:nmap ########################################### [100%]
# rpm -vhU http://nmap.org/dist/zenmap-4.62-1.noarch.rpm
Retrieving http://nmap.org/dist/zenmap-4.62-1.noarch.rpm
Preparing... ########################################### [100%]
1:zenmap ########################################### [100%]
As the filenames above imply, these binary RPMs were created for normal PCs (X86 architecture). I also distribute x86_64 binaries of some releases for users with 64-bit Linux running on an AMD Opteron or Athlon64 processor. These binaries won't work for the relatively few Linux users on other platforms such as SPARC, Alpha, or PowerPC. They also may refuse to install if your library versions are sufficiently different from what the RPMs were initially built on. One option in these cases would be to find binary RPMs prepared by your Linux vendor for your specific distribution. The original install CDs or DVD are a good place to start. Unfortunately, those may not be current or available. Another option is to install Nmap from source code as described previously, though you lose the binary package maintenance consistency benefits. A third option is to build and install your own binary RPMs from the source RPMs distributed from the download page above. Example 2.8, “Building and installing Nmap from source RPMs” demonstrates this technique with Nmap 4.62.
Example 2.8. Building and installing Nmap from source RPMs
> rpmbuild --rebuild http://download.insecure.org/nmap/dist/nmap-4.62-1.src.rpm
[ hundreds of lines cut ]
Wrote: /home/fyodor/rpmdir/RPMS/i386/nmap-4.62-1.i386.rpm
[ cut ]
> su
Password:
# rpm -vhU /home/fyodor/rpmdir/RPMS/i386/nmap-4.62-1.i386.rpm
Preparing... ########################################### [100%]
1:nmap ########################################### [100%]
#
It is not necessary to rebuild Zenmap in this fashion because the
Zenmap RPM is architecture-independent (“noarch”). For that
reason there are no Zenmap source RPMs.
Removing RPM packages is as easy as rpm -e
nmap zenmap.
Updating Red Hat, Fedora, Mandrake, and Yellow Dog Linux with Yum
The Red Hat, Fedora, Mandrake, and Yellow Dog Linux
distributions have an application named Yum
which manages software installation and updates from central RPM
repositories. This makes software installation and updates trivial.
Since distribution-specific Yum repositories are normally used, you
know the software has already been tested for compatibility with your
particular distribution. Most distributions do maintain Nmap in their
Yum repository, but they don't always keep it up to date. This is
particularly problematic if you (like most people) don't always
quickly update to the latest release of your distribution. If you are
running a two-year old Linux release, Yum will often give you a
two-year-old version of Nmap. Even the latest version of
distributions often take months to update to a new Nmap release. So
for the latest version of Nmap on these systems, try the RPMs we
distribute as described in the section called “RPM-based Distributions (Red Hat, Mandrake, Suse, Fedora)” But if our
RPMs aren't compatible with your system or you are in a great hurry,
installing Nmap from Yum is usually as simple as executing
yum install nmap (run yum install nmap zenmap
if you would like the GUI too, though some distributions don't yet package Zenmap). Yum takes care of contacting a
repository on the Internet, finding the appropriate package for
your architecture, and then installing it along with any necessary
dependencies. This is shown (edited for brevity) in Example 2.9, “Installing Nmap from a system Yum repository” You can later perform
yum update to install available updates to Nmap and other
packages in the repository.
Example 2.9. Installing Nmap from a system Yum repository
flog~#yum install nmap
Setting up Install Process
Parsing package install arguments
Resolving Dependencies
--> Running transaction check
---> Package nmap.x86_64 2:4.52-1.fc8 set to be updated
--> Finished Dependency Resolution
Dependencies Resolved
=============================================================================
Package Arch Version Repository Size
=============================================================================
Installing:
nmap x86_64 2:4.52-1.fc8 updates 1.0 M
Transaction Summary
=============================================================================
Install 1 Package(s)
Update 0 Package(s)
Remove 0 Package(s)
Total download size: 1.0 M
Is this ok [y/N]: y
Downloading Packages:
(1/1): nmap-4.52-1.fc8.x8 100% |=========================| 1.0 MB 00:02
Running rpm_check_debug
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
Installing: nmap ######################### [1/1]
Installed: nmap.x86_64 2:4.52-1.fc8
Complete!
Debian Linux and Derivatives such as Ubuntu
LaMont Jones does a fabulous job maintaining the Nmap .deb
packages, including keeping them reasonably up-to-date. The proper
upgrade/install command is apt-get install nmap.
This works for Debian derivatives such as Ubuntu too. Information on
the latest Debian “stable” Nmap package is available at http://packages.debian.org/stable/nmap and the
development (“unstable”) Nmap and Zenmap packages are available from http://packages.debian.org/sid/nmap and http://packages.debian.org/sid/zenmap