Nmap 7.95 presents improvements in Npcap, new scripts, corrections and more

Darkcrizt

4 minutes

nmap-logo

Nmap is an open source port sniffing program.

The new version of Nmap 7.95 is now available And in this new version that is presented, the integration of more identifiers stands out, as well as the integration of new scripts, updates, bug fixes and more.

For those who do not know about Nmap, you should know that This is an open source tool used to explore and audit networks and its main function is to scan devices on a network to discover what services and ports are open, which provides valuable information about the network topology and possible vulnerabilities. In addition to its ability to detect operating systems and perform vulnerability scans, Nmap stands out for its flexibility and extensibility through its scripting engine (NSE), which allows custom scripts to be developed and executed for specific scanning and auditing tasks.

What's new in Nmap 7.95?

In this new version of Nmap 7.95, highlights the integration of more than 4000 operating system IPv4 fingerprints since June 2020, adding 336 new fingerprints for a total of 6036. This includes fingerprinting for iOS 15 and 16, macOS Ventura and Monterey, Linux 6.1, OpenBSD 7.1, and lwIP 2.2.

Another change in Nmap 7.95 is lIntegration of 2500+ service/version detection identifiers since June 2020 and the total size of the identifier database has reached 12,089 records, increasing the signature count by 1.4% The number of defined protocols increased from 1237 to 1246. Among other things, support was added for the grpc, mysqlx, essnet, remotemouse and tuya protocols.

The version for Windows updated its Npcap (raw packet capture and transmission driver) from version 1.75 to 1.79, incorporating the cability to reissue the code signing key to “Nmap Software LLC”, Replacing the previous name of "Insecure.Com LLC", driver performance was improved by reducing lock contention and consolidating data copy operations, as well as various bug fixes.

In addition to this they added4 new NSE scripts have been incorporated to consult industrial control systemsl from the DINA community and automate various actions with Nmap including hartip-info, iec61850-mms, multicast-profinet-discovery and profinet-cm-lookup.

Of the other changes that stand out:

  1. Updated included libraries such as Lua to version 5.4.6, libpcre2 to 10.43, zlib to 1.3.1, libssh2 to 1.11.0, and liblinear to 2.47.
  2. Updated OpenSSL to version 3.0.13 in the binaries for Windows builds and RPMs, resolving CVEs with no known impact on Nmap.
  3. Zenmap and Ndiff now use setuptools for packaging instead of distutils.
  4. Implemented several bug fixes, including Ncat UDP server mode fix, TCP Connect scanning issues on Windows, ssh-auth-methods exit, bugs in Zenmap, TLS 1.2 signing algorithms, RPM spec file requirements, and memory leaks.
  5. Made profile-guided optimizations to the port scanning engine, improvements to OS detection fingerprint matching.
  6. Fixed an issue with out-of-bounds reads, memory leaks, crashes related to service name wildcards, and parsing of DNS TXT records for NSE scripts.
  7. Improved signature matching code when detecting operating systems, changed nmap-os-db syntax to support ranges in TCP option lines.
  8. Improvements have been made to the matching code in the OS detection engine, where the network source port number changes with each retry, among other optimizations based on generation profiles.

Finally if you want to know more about it about this new version, you can check the details in the following link.

How to install Nmap on Linux?

For those who are interested in being able to install Nmap along with its other tools on their system, They can do it by following the steps we share below.

Since the release of this new version of Nmap was recently, few distributions have already updated to this version. So they must wait a few days.

Although we can resort to compiling the source code of the application in our system. The code can be downloaded and compiled by executing the following:

wget https://nmap.org/dist/nmap-7.95.tar.bz2
bzip2 -cd nmap-7.95.tar.bz2 | tar xvf -
cd nmap-7.95
./configure
make
su root
make install

In the case of distributions with support for RPM packages, they can install the Nmap 7.95 package by opening a terminal and executing the following commands:

rpm -vhU https://nmap.org/dist/nmap-7.95-1.x86_64.rpm
rpm -vhU https://nmap.org/dist/zenmap-7.95-1.noarch.rpm
rpm-vhU https://nmap.org/dist/ncat-7.95-1.x86_64.rpm
rpm -vhU https://nmap.org/dist/nping-0.7.95-1.x86_64.rpm

Leave a Comment

Your email address will not be published. Required fields are marked with *

*

*

  1. Responsible for the data: AB Internet Networks 2008 SL
  2. Purpose of the data: Control SPAM, comment management.
  3. Legitimation: Your consent
  4. Communication of the data: The data will not be communicated to third parties except by legal obligation.
  5. Data storage: Database hosted by Occentus Networks (EU)
  6. Rights: At any time you can limit, recover and delete your information.