February 20, 2004 (3:14 AM PST) -- Insecure.Org is pleased to announce the immediate, free availability of the Nmap Security Scanner version 3.50 from http://nmap.org/ .


Nmap ("Network Mapper") is an open source utility for network exploration or security auditing. It was designed to rapidly scan large networks, although it works fine against single hosts. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) they are offering, what operating system (and OS version) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. Nmap runs on most types of computers, including Linux/BSD/Mac OS X, and Windows. Both console and graphical versions are available. Nmap is free software, available with full source code under the terms of the GNU GPL.

Nmap has been named "Security Product of the Year" by Linux Journal, Info World, LinuxQuestions.Org, and Codetalker Digest. It has also been praised by Wired, Information Security, BBC, Network World, Slashdot, 2600, SANS, Info World, Microsoft, Computer World, Sun World, Phrack, and more. At least three movies have featured Nmap, including Battle Royale, HaXXXor Vol. 1, and some Sci-Fi flick.


Nmap has undergone many substantial changes since our last major release (3.00 in July 2002) and we recommend that all current users upgrade. Improvements from 41 intermediate releases have gone into 3.50. Here are a list of the most important advantages over 3.00 (See the ChangeLog for a more detailed list):


With this "stable" version out of the way, we plan to dive headfirst into the next development cycle. Many exciting features are in the queue, including better multi-host parallelization, an OS detection overhaul, and further version scanning features, such as intensity levels. I am also working on a book describing Nmap, from port scanning basics for novices to the types of packet crafting used by advanced hackers. Much of this book will be made available for free online. A few chapters should be available very soon. For the latest news on Nmap and the book, consider joining the 17,000-member moderated Nmap-hackers list by sending a blank email to nmap-hackers-subscribe@insecure.org . Or you can read the archives at seclists.org .


Nmap is available for download from http://insecure.org/nmap for most platforms in source or binary form. Nmap is Free software distributed under the terms of the GNU General Public License (GPL).

Direct questions or comments to fyodor@insecure.org .


We would like to acknowledge and thank the many people who contributed ideas and/or code to this release. Special thanks go out to A. Jones, Albert Chin-A-Young, Alex Volkov, Al Smith, Amy Hennings, Andy Lutomirski, Annalee Newitz, Axel Krauth, Axel Nennker, Ayamura Kikuchi, Blue Boar, Brian Hatch, Chad Loder, Crayden Mantelium, Curt Wilson, Darren Reed, Dean Bennett, Diego Casorran, Dmitry V. Levin, Dragos Ruiu, Dug Song, Eric S. Raymond, Fejed, Florin Andrei, Frank Berger, Fyodor Yarochkin, Gabriel L. Somlo, Gisle Vanem, Guido van Rooij, HellNBack, HD Moore, Hubert Feyrer, Jan Roger Wilkens, Jari Ruusu, Jaroslav Sladek, Javier Kohen, Jay Freeman (Saurik), Jeff Nathan, jerickson_at_inphonic, Jochen Erwied, Josef 'Jupp' Schugt, Juho Schultz, Justin A., Kevin Davis, Kirby Kuehl, Kronos, Lance Spitzner, Lionel CONS, MadHat, Maik Pfeil, Marc Ruef, Mario Manno, Marius Strobl, Martin Kluge, Matt Burnett, Matthieu Verbert, Matt Selsky, Max Schubert, Max Vision, Michael Davis, Mikael Mannstrom, Miscelerious Options, Mugz, Niels Heinen, Osamah Abuoun, Peter Marschall, Petter Reinholdtsen, Phix, Pope_at_undersec, Przemek Galczewski, R. Anderson, Rain.Forest.Puppy, ray_at_24hoursecurity, Remi Denis-Courmont, Rob Foehl, Russel Miller, Ryan Lowe, Scott Egbert, Sebastien Blanchet, Seth Master, Shawn Wallis, Simple Nomad, Solar Designer, Solar Eclipse, Ste Jones, Stephen Bishop, Tammy Rathbun, Tom Duffy, Tom Rune Flo, van Hauser, Wei Jiang, William McVey, Will Saxon, Yeti, and everyone I forgot :).

And of course we would also like to thank the thousands of people who have submitted OS and service/version fingerprints, as well as everyone who has found and reported bugs or suggested features.

For further information, see http://insecure.org/.