Question

Everything in this chapter thus far has been done through the command line or terminal interface. As Nmap has matured, so has the interface. Zenmap is the GUI of Nmap. It is a multiplatform, free, and open source application. There are some benefits to Zenmap that the good old command‐line Nmap cannot do, such as building topology, creating interactive maps, showing comparisons between two scans, keeping and tracking the results of a scan, and making the scan duplicable. Zenmap's goal is to make scanning easy and free for beginners and experts alike. You only have to identify your target and hit the Scan button, as you see in Figure 3.5 .

Figure 3.5 : Zenmap GUI scan

As you can see, this scan is the exact previous scan, just done in a GUI. If you clicked the tabs across the middle, you would see a list of all ports open, the network topology, the host details, and the history of scans of this asset, as you see in Figure 3.6 .

Figure 3.6 : Zenmap host details

To save an individual scan to a file, choose the Scan menu and select Save Scan from the drop‐down. If there is more than one scan, you will be asked which one to save. You have a choice of saving in .xml or .txt format. The .xml format can only be opened and used again by Zenmap. By default, all scans are saved automatically, but only for 60 days.

Before you install Nmap or Zenmap, you will want to make sure it isn't already installed. There are several operating systems (including most Linux systems) that have Nmap packages embedded but not installed. Type the following at a command prompt:

nmap --version

This will display the version of Nmap that is installed. If you get an error message such as nmap: command not found , then Nmap is not installed on your system.

Zenmap is found in the executable Windows installer. The latest stable release will be on the www.nmap.org/download page. To download the executable file, click the link shown in Figure 3.7 .

Figure 3.7 : Downloading nmap‐7.70‐setup.exe

As with most executable files for Windows, the file is saved by default in the Downloads folder. Double‐click the executable to start the install process. Click Next through the windows, keeping all the defaults, until you get to Finish. Once the install has completed, open the Start menu on your taskbar and begin typing Nmap . At the top of your menu, you should see Nmap‐Zenmap GUI. Click the application, define the target assets, and click Scan to launch.

The white paper “CIS Controls Implementation Guide for Small‐ and Medium‐Sized Enterprises (SMEs)” published at www.cisecurity.org breaks down into these three phases:

1. Know your environment.
2. Protect your assets.
3. Prepare your organization.

In phase 1, Nmap is described as a famous multipurpose network scanner, and Zenmap is described as an easy‐to‐use graphic user interface for Nmap. You must know your environment better than an attacker and use that attacker's mind‐set in key controls to develop your security program.