Nmap for Windows: Tips for installing and configuring

Nmap was originally a command-line application for Unix, but a Windows version has been available since 2000. This tip looks at installing and configuring Nmap for Windows.

Although you can download and install Nmap from a zip file, the latest version requires the free WinPcap packet capture library to be installed as well. I suggest you opt for using the Nmap Windows installer, which handles WinPcap installation for you. This installer, nmap-4.01-setup.exe, can be downloaded from the insecure.org Web site at http://www.insecure.org/nmap/download.html. The installer doesn't add a shortcut to the Programs menu for Nmap as you need to run nmap.exe from a DOS command prompt, and although WinPcap does appear in the Add/Remove applet, you will need to run the uninstall program in the Nmap folder if you choose to remove Nmap at any time. The total space required for the complete installation is only 2.6Mb.

Nmap information Read the first tip in this series, Nmap: A valuable open source tool for network security Read Information Security magazine's review of Nmap 4.01

The default install directory is C:\Program Files\Nmap\ but because the installer adds Nmap to the computer's PATH environment variable, you can execute Nmap from any directory. So to run and test Nmap, open a Command Prompt window and type the following, which will scan the host scanme.insecure.org:

Nmap on Windows is not as efficient as on Unix. The connect scan (-sT) in particular is often much slower because of shortcomings in the Windows networking API. You can improve connect scan performance by double clicking the nmap_performance.reg file located in the Nmap directory, which will make three registry changes in order to increase the number of ephemeral ports reserved for applications such as Nmap, and decrease the amount of time before a closed connection can be reused. If you run in to problems running Nmap on Windows you should check for error messages in the Windows event log and then see if the problem is covered in the Nmap-dev list archives at http://seclists.org/#nmap-dev. There is also plenty of supporting documentation for Nmap at http://www.insecure.org/nmap/docs.html, and it is worthwhile subscribing to the Nmap-hackers mailing list, too.

The main advantage of Nmap being a command-line application is that it is easier to run from a script, and precise scans can be executed without having to set lots of different options. However, this can be intimidating for new and infrequent users. And although there are graphical user interfaces (GUI) available for Unix, as yet there are no stable GUIs for Windows. Fortunately, this is expected to change this year. There is no official release date, but the creator of Nmap, Fyodor, hopes to have a Windows-compatible version of NmapFE, the most popular GUI for Unix, out sometime this year. There are other cross-platform GUIs that are in development too, such as UMIT (http://umit.sourceforge.net/).

About the author
Michael Cobb, CISSP-ISSAP is the founder and managing director of Cobweb Applications Ltd., a consultancy that offers IT training and support in data security and analysis. He co-authored the book IIS Security and has written numerous technical articles for leading IT publications. Mike is the guest instructor for SearchSecurity's Web Security School and, as a SearchSecurity.com site expert, answers user questions on application and platform security.

This is the second in a series of tips on how to use Nmap in an enterprise network environment. This tip originally appeared on SearchSecurity.com.

Rate this Tip To rate tips, you must be a member of SearchEnterpriseDesktop.com. Register now to start rating these tips. Log in if you are already a member. Submit a Tip Digg This!     StumbleUpon     Del.icio.us    RELATED CONTENT Endpoint security management tools The right security tools for finding Windows desktop weaknesses Using BitLocker in Windows 7 20 days to a more secure enterprise How to get -- and keep -- user support with security MDOP for Windows 7 available now Microsoft's Online Desktop Manager caters to small IT shops Monitoring user activity with network analyzers Using third-party technologies with Microsoft's NAP Understanding Microsoft's NAP's internal and external components Microsoft's NAP can ensure security compliance RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary system tray  (SearchEnterpriseDesktop.com) RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary DISCLAIMER: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.