The Ethical Hacker Network - Is Nmap safe to use?

Latest Additions

Who's Online

Big Bur

Newbie

Offline

Posts: 12

Is Nmap safe to use?

« on: September 08, 2007, 01:40:53 AM »

The reason I ask this question is because I downloaded the newest stable version of Nmap for windows recently, and open completion, Windows informed me that Nmap contained a few trojans. Not that I think Window's security systems are "dead on", but I think that they might have been right this time. Nothing happened, and I calmly uninstalled the software, but still.

I know Nmap is a widely used tool these days, and I'm just a beginner after all. (Oh, and don't worry, I would have normally used my macbook, but I'm testing out these tools on my desktop first just in case anything DOES go wrong, haha).

So what is the deal with Nmap? I sure most of you use/have used it, and I think it is a required tool for the CEH, right?

Thanks.


	Logged

jimbob

Guest

Re: Is Nmap safe to use?

« Reply #1 on: September 08, 2007, 05:39:08 AM »

Hi,
Security tools such as nmap are often flagged up as viruses or trojans by anti-virus software. In most cases this is reasonable, since you'll want to know if an intruder has uploaded these tools and prevent them from using them. For security professionals it can be a pain in the butt.

Check your anti-virus software to see if it allows you to whitelist certain files or directories. Often you can make an exception for a directory and store all your tools that might set of you anti-virus scanner in there.

Of course you should consider that you may have downloaded a trojac. Where did you download nmap from? Does the checksum/PGP signature match that on the web site? It's always better to be safe than sorry.

Jimbob


	Logged

Negrita

Sr. Member

Offline

Posts: 299

Re: Is Nmap safe to use?

« Reply #2 on: September 08, 2007, 09:06:32 AM »

Nmap is perfectly safe to use. Here's the MD5 hash of the version I downloaded for you to compare;

63F103F19E0CAFEFE3FB7D823B0E935F *nmap-4.20-setup.exe

It was downloaded from here; http://insecure.org/nmap/download.html. A sniffer capture during the download shows I was downloading from 208.97.160.13. Obviously there may be a few mirrors to download from.

BTW, Symantec Corporate Edition doesn't detect this as malware, and also according to Fyodors site, neither does Trend Micro's PC-cillin.


	Logged

CEH, CCSA NG/AI, NNCSS, MCP, MCSA 2003

There are 10 kinds of people, those that understand binary, and those that don't.

Kev

Sr. Member

Offline

Posts: 428

Re: Is Nmap safe to use?

« Reply #3 on: November 20, 2007, 02:32:02 AM »

Well, I recommend nmap for linux. But if you must use windows then spend some time directly from the nmap site! So far every thing is safe from there other than the government trying to grab every IP that DLs from there. Just DL from a proxy. Even Tor will help.
. Check the Md5 and then check your box from another box to see if something is open if you are really worried. Other than that, Nmap will not hurt you if you use the defaults scans.