Deploy360 Improving Technical Security IPv6

New Nmap Version 6 Provides Full IPv6 Support, Useful IPv6 Tools

NmapThe big news this week out of The Nmap Project was the release of Nmap 6, “the product of almost three years of work, 3,924 code commits, and more than a dozen point releases since the big Nmap 5 release in July 2009.” The big addition of interest to us, of course, was the deep support for IPv6, detailed in a lengthy section at:

Nmap (“Network mapper”) is a free utility for scanning networks that has been available since 1997 and is a key tool for network and systems administrators, not just for security but also for managing networks. Nmap has had support for IPv6 since 2002, but just in time for World IPv6 Launch the appropriately named Nmap 6 provides full IPv6 support, including:

  • easy usage by just adding “-6” to the command line
  • raw IPv6 port scanning
  • IPv6 operating system detection system
  • a range of IPv6 host discovery techniques (given that brute-force scanning of IPv6 address space is problematic)
  • IPv6 Neighbor Discovery ping
  • an IPv6-only scanning test sitePlus the various websites associated with Nmap have been dual-stacked so that they can be reached over IPv4 or IPv6.

And, as a bonus for the old-skool crowd, this gem could be found later in the release notes:

Nmap now supports the old-school Gopher protocol thanks to our handy gopher-ls NSE script. We even support Gopher over IPv6!

So for all of you out there with gopher servers running on IPv6, nmap will work for you!

Seriously, though, the IPv6 support found in Nmap 6 will go a long way in helping network administrators understand what IPv6 devices are running on their network. Available for download for Linux, Windows, Mac OS X or in source form, Nmap 6 is a tool you’ll want to have. I’ve already installed it on my systems and look forward to trying out these new options!