Zenmap is the official graphical user interface (GUI) for the Nmap Security
Scanner. It is a multi-platform, free and open-source application
designed to make Nmap easy for beginners to use while providing
advanced features for experienced Nmap users. Frequently used scans
can be saved as profiles to make them easy to run repeatedly. A
command creator allows interactive creation of Nmap command lines.
Scan results can be saved and viewed later. Saved scans can be
compared with one another to see how they differ. The results of
recent scans are stored in a searchable database. A typical Zenmap screen shot is shown in Figure 12.1. See the official Zenmap web page for more screen shots.
Figure 12.1. Typical Zenmap screen shot
This guide is meant to make Nmap and Zenmap easy to use together,
even if you haven't used either before. For the parts of this guide that
deal specifically with Nmap (command-line options and such), refer
to Chapter 15, Nmap Reference Guide.
The Purpose of a Graphical Frontend for Nmap
No frontend can replace good old command-line Nmap. The nature of a
frontend is that it depends on another tool to do its job. Therefore
the purpose of Zenmap is not to replace Nmap, but to make Nmap
more useful. Here are some of the advantages
Zenmap offers over plain Nmap.
- Interactive and graphical results viewing
In addition to showing Nmap's normal output, Zenmap can
arrange its display to show all ports on a host or all hosts
running a particular service. It summarizes details about a
single host or a complete scan in a convenient
display. Zenmap can even draw a topology map of discovered
networks. The results of several scans may be combined
together and viewed at once.
Zenmap has the ability to show the differences
between two scans. You can see what changed between the same
scan run on different days, between scans of two different
hosts, between scans of the same hosts with different
options, or any other combination. This allows
administrators to easily track new hosts or services
appearing on their networks, or existing ones going down.
Zenmap keeps track of your scan results until you choose to
throw them away. That means you can run a scan, see the
results, and then decide whether to save them to a file. There
is no need to think of a file name in advance.
Zenmap's command profiles make it easy to run the exact same
scan more than once. There's no need to set up a shell script
to do a common scan.
Nmap has literally hundreds of options, which can be
daunting for beginners. Zenmap's interface is designed to
always show the command that will be run, whether it comes
from a profile or was built up by choosing options from a
menu. This helps beginners learn and understand what they are
doing. It also helps experts double-check exactly what will be run before they press “Scan”.