Nmap 5.20 released

Nmap is a free and open source utility for network exploration or security auditing.

Nmap 5.20 offers more than 150 significant improvements:

  • 30+ new Nmap Scripting Engine scripts
  • Enhanced performance and reduced memory consumption
  • Protocol-specific payloads for more effectie UDP scanning
  • Massive OS and version detection DB updates (10,000+ signatures).

Nmap’s traceroute has been rewritten for better performance. Probes are sent in parallel to individual hosts, not just across all hosts as before. Trace consolidation is more sophisticated, allowing common traces to be identified sooner and fewer probes to be sent.

The older traceroute could be very slow (taking minutes per target) if the target did not respond to the trace probes, and this new traceroute avoids that. In a trace of 110 hosts in a /24 over the Internet, the number of probes sent dropped 50% from 1565 to 743, and the time taken dropped 92% from 95 seconds to 7.6 seconds. Traceroute now uses an ICMP echo request probe if no working probes against the target were discovered during scanning.