The History and Future of Nmap

Many ancient and well-loved security tools, such as Netcat, tcpdump, and John the Ripper, haven't changed much over the years. Others, including Nessus, Wireshark, Cain and Abel, and Snort, have been under constant development since the day they were released. Nmap is in that second category. It was released as a simple Linux-only port scanner in 1997. Over the next 10 years it sprouted a myriad of valuable features, including OS detection, version detection, the Nmap Scripting Engine, a Windows port, a graphical user interface, and more. This section provides a timeline of the most important events over a decade of Nmap history, followed by brief predictions on the future of Nmap. For all significant Nmap changes (thousands of them), read the Nmap Changelog. Old releases of Nmap can be found at http://nmap.org/dist/ and even older versions at http://nmap.org/dist-old/.

September 1, 1997 — Nmap first released in Phrack Magazine Issue 51, article 11. It didn't have a version number because new releases weren't planned. Nmap was about 2,000 lines long, and compilation was as simple as gcc -O6 -o nmap nmap.c -lm.

September 5, 1997 — Due to popular demand, a slightly modified version of the Phrack code was released, calling itself version 1.25. The gzipped tarball is 28KB. Version 1.26 (48KB) is released 19 days later.

January 11, 1998 — Insecure.Org is registered and Nmap moves there from its previous home at the DataHaven Project (dhp.com) ISP.

March 14, 1998 — Renaud Deraison writes to let me know that he is writing a security scanner, and asks if he can use some Nmap source code. Of course I say yes. 9 days later he sends me a pre-release version of Nessus, noting that it “is designed for sysadmins, not 3l33t H4ck3rZ”.

September 1, 1998 — Inspired by Nmap's first anniversary, I begin work on adding remote OS detection for the upcoming Nmap 2.00. On October 7 I release the first private beta version to a handful of top Nmap developers. We quietly work on this for several months.

December 12, 1998 — Nmap version 2.00 is publicly released, introducing Nmap OS detection for the first time. An article describing the techniques was released in Phrack 54, Article 9. By this point Nmap is broken up into many files, consists of about 8,000 lines of code, is kept in a private CVS revision control system, and the tarball is 275KB. The nmap-hackers mailing list is started, and later grows to more than 50,000 members.

April 11, 1999 — Nmap 2.11BETA1 is released. This is the first version to contain a graphical user interface as an alternative to the traditional command-line usage. The bundled GUI is NmapFE, which was originally written by Zach Smith. Some people like it, but the GUI never becomes as popular as traditional command-line usage.

April 28, 2000 — Nmap 2.50 is released. By this point the tarball has grown to 461KB. This release includes timing modes such as -T aggressive, direct SunRPC scanning, and Window and ACK scan methods.

May 28, 2000 — Gerhard Rieger sends a message to the nmap-dev list describing a new “protocol scan” he has developed for Nmap, and he even includes a patch. This is so cool that I release Nmap 2.54BETA1 with his patch less than 12 hours later.

December 7, 2000 — Nmap 2.54BETA16 is released as the first official version to compile and run on Microsoft Windows. The Windows porting work was done by Ryan Permeh and Andy Lutomirski.

July 9, 2001 — The Nmap IP ID idle scan is introduced with Nmap 2.54BETA26. A paper describing the technique is released concurrently. This extremely cool (though not always practical) scan technique is described in the section called “TCP Idle Scan (-sI)”.

July 25, 2002 — I quit my job at Netscape/AOL and start my dream job working on Nmap full time.

July 31, 2002 — Nmap 3.00 is released. The tarball is 922K. This release includes Mac OS X support, XML output, and uptime detection.

August 28, 2002 — Nmap is converted from C to C++ and IPv6 support is added as part of the Nmap 3.10ALPHA1 release.

May 15, 2003 — Nmap was featured in the movie The Matrix Reloaded, where Trinity uses it (followed by a real SSH exploit) to hack a power station and save the world. This led to more publicity for Nmap than it had ever seen before or has seen since then. Details and screenshots are available at http://nmap.org/nmap_inthenews.html#matrix.

July 21, 2003 — I finish a first implementation of Nmap service/version detection (Chapter 7, Service and Application Version Detection) and release it to a couple dozen top Nmap developers and users as Nmap 3.40PVT1. That is followed up by 16 more private releases over the next couple months as we improve the system and add signatures.

September 16, 2003 — Nmap service detection is finally released publicly as part of Nmap 3.45. A detailed paper is released concurrently.

February 20, 2004 — Nmap 3.50 is released. The tarball is now 1571KB. SCO corporation is banned from redistributing Nmap because they refuse to comply with the GPL. They have to rebuild their Caldera release ISOs to remove Nmap. This release includes the packet tracing and UDP ping options. It also includes the OS classification system which classifies each of the hundreds of detected operating systems by vendor name, operating system name, OS generation, and device type.

August 31, 2004 — The core Nmap port scanning engine is rewritten for Nmap 3.70. The new engine, named ultra_scan(), features dramatically improved algorithms and parallelization support to improve both accuracy and speed. The differences are particularly dramatic for hosts behind strict firewalls.

June 25, 2005 — Google sponsors 10 college and graduate students to work on Nmap full time for the summer as part of Google's Summer of Code initiative, which starts on this day. Projects include a second generation OS detection system (Zhao Lei) and a new cross-platform GUI named UMIT (Adriano Monteiro), and many other cool projects described at http://seclists.org/nmap-hackers/2005/0008.html.

September 8, 2005 — Nmap gains raw ethernet frame sending support with the release of version 3.90. This allows for ARP scanning (see the section called “ARP Scan (-PR)”) and MAC address spoofing as well as evading the raw IP packet ban introduced by Microsoft in Windows XP SP2.

January 31, 2006 — Nmap 4.00 is released. The tarball is now 2388KB. This release includes runtime interaction to provide on-demand completion estimates, a Windows executable installer, NmapFE updates to support GTK2, and much more.

May 24, 2006 — Google sponsors 10 more Nmap summer developers as part of their SoC program. Zhao and Adriano return as part of 2006 SoC to further develop their respective projects. There are eight other talented students with projects described at http://seclists.org/nmap-hackers/2006/0009.html.

June 24, 2006 — After two years of development and testing, the 2nd generation OS detection system is integrated into Nmap 4.20ALPHA1. This new system is based on everything we've learned and the new ideas we've had since the 1st generation system debuted 8 years earlier. After a bit of time to grow the DB, the new system proves much more accurate and granular than the old one. It is described in Chapter 8, Remote OS Detection.

December 20, 2006 — Nmap public Subversion source revision control repository is released. Until this time, only a handful of developers had access to the private source repository. Everyone else had to wait for releases. Now everyone can follow Nmap development day by day. There is even an nmap-svn mailing list providing real-time change notification. Details are provided in the section called “Obtaining Nmap from the Subversion (SVN) Repository”.

May 28, 2007 — Google sponsors 6 summer Nmap developers as part of their SoC program. Meanwhile, Adriano's UMIT GUI for Nmap is approved as an independent program for SoC sponsorship. The Nmap students and their projects are posted at http://seclists.org/nmap-hackers/2007/0003.html.

July 8, 2007 — The UMIT graphical front end is integrated into the Nmap 4.22SOC1 release for testing. At first it is only included in the Unix tarballs, but it is integrated into the Windows installer just over a month later as part of 4.22SOC3.

December 2007 — Nmap 4.50 is released to celebrate Nmap's 10th anniversary!

While it is easy to catalogue the history of Nmap, the future is uncertain. Nmap didn't start off with any grand development plan, and most of the milestones in the preceding timeline were not planned more than a year in advance. Instead of trying to predict the shape of the Internet and networking way out in the future, I closely study where it is now and decide what will be most useful for Nmap now and in the near future. So I have no idea where Nmap will be 10 years from now, though I expect it to be as popular and vibrant as ever. The Nmap community is large enough that we will be able to guide Nmap wherever it needs to go. Nmap has faced curve balls before, such as the sudden removal of raw packet support in Windows XP SP2, dramatic changes in network filtering practices and technology, and the slow emergence of IPv6. Each of those required significant changes to Nmap, and we'll have to do the same to embrace or at least cope with networking changes in the future.

While the 10-year plan is up in the air, the coming year is easier to predict. As exciting as big new features are, they won't be a focus. None of us want to see Nmap get bloated and disorganized. So this will be a year of consolidation. The new UMIT and NSE systems are not nearly as mature as the rest of Nmap, so improving them will be a big priority. New NSE scripts are great because they extend Nmap's functionality without the stability risks of incorporating new source code into Nmap proper. Meanwhile, UMIT needs usability and stability improvements, as well as proper documentation. Another focus is the Nmap web site, which will become more useful and dynamic. A web discussion system and Nmap demo site may be built.

Some of the coolest Nmap features in the past, such as OS detection and version scanning, were developed in secret and given a surprise release. You can expect more of these in coming years because they are so much fun!