Zenmap, official nmap GUI
Posted by Michael Anckaert on Dec 20, 2007 in Featured, Reviews • 1 comment
There probably isn’t a serious hacker around that doesn’t know the name nmap. It’s a security term on it’s own, the opensource portscanner that has been around for as long as I can remember.
Since it’s incarnation, nmap has been a command line tool. No point & click, just the power of the shell. A number of different GUI’s have been written, nmapfe, knmap, and so on. But now there is an official nmap GUI, Zenmap.
Zenmap comes as a part of the official nmap distribution. If you’re using Ubuntu like me, you’re still stuck with nmap 4.20, which doesn’t have zenmap yet. No big deal, head over to the nmap website and download the latest release. At this time that’s version 4.50.
If you don’t want to confuse your distributions package manager, it’s possible to install only zenmap and not the latest nmap release. Zenmap is a PyGTK application, which makes it cross platform for the heathens amongst us (non Linux users). So either install nmap like any other source code distribution application: ./configure, make and make install. Or just install Zenmap.
Installing Zenmap
After Zenmap is installed, it’s just a matter of running the zenmap command and you can start scanning! The Zenmap GUI is very functional and you will quickly find your way around.
With Zenmap it is possible to define a number of different profiles for you to use. When you define a profile you can set a number of options that will always be used for that profile and you can even add hosts that will be excluded from the scan. Another cool feature for the nmap power users is the Compare Results function. With this feature its possible to compare two scans and quickly see the difference between the two scans. Very useful for keeping an eye on a number of networks.
Comparing scan results was never this easy
But the new GUI isn’t just for the L33T Hax0r, novices will learn the power of nmap faster using Zenmap than through the command line. Zenmap has a Command Wizard that lets you set options for an nmap through a GUI window. Selecting the Xmas Tree TCP scan will add the -sX option that we all know and love 
A completed nmap scan (hostnames have been removed)
For a more serious audit or scanning session I’d probably stick to the command line nmap, force of habit you can call it. But the Zenmap GUI could probably perfectly replace that command line interface.
Thanks for the news, I’ll have to check that out!
I like the ‘command wizard’ concept, as I’ve seen it in other places as well, and it makes for a truly great way to learn about the programs that one runs. The shell *is* powerful, but too many people see it as a type of magic, not as something that can be learned with time and an understanding of the rules (command [options] file). I wish more applications would use this approach, such as various ffmpeg/mencoder format converters.