Nmap 6:Network exploration and security auditing Cookbook
上QQ阅读APP看书,第一时间看更新

Compiling Nmap from source code

Precompiled packages always take time to prepare and test, causing delays between releases. If you want to stay up-to-date with the latest additions, compiling Nmap's source code is highly recommended.

This recipe describes how to compile Nmap's source code in the Unix environment.

Getting ready

Make sure the following packages are installed in your system:

  • gcc
  • openssl
  • make

Install the missing software using your favorite package manager or build it from source code. Instructions to build these packages from source code are out of the scope of this book but are available online.

How to do it...

  1. Open your terminal and go into the directory where Nmap's source code is stored.
  2. Configure it according to your system:
    $ ./configure
    

    An ASCII dragon warning you about the power of Nmap will be displayed (as shown in the following screenshot) if successful, otherwise lines specifying an error will be displayed.

    How to do it...
  3. Build Nmap using the following command:
    $ make 
    

    If you don't see any errors, you have built the latest version of Nmap successfully. You can check this by looking for the compiled binary Nmap in your current directory.

    If you want to make Nmap available for all the users in the system, enter the following command:

    # make install 
    

How it works...

We used the script configure to set up the different parameters and environmental variables affecting your system and desired configuration. Afterwards, GNUs make generated the binary files by compiling the source code.

There's more...

If you only need the Nmap binary, you can use the following configure directives to avoid installing Ndiff, Nping, and Zenmap:

  • Skip the installation of Ndiff by using --without-ndiff
  • Skip the installation of Zenmap by using --without-zenmap
  • Skip the installation of Nping by using --without-nping

OpenSSL development libraries

OpenSSL is optional when building Nmap. Enabling it allows Nmap to access the functions of this library related to multiprecision integers, hashing, and encoding/decoding for service detection and Nmap NSE scripts.

The name of the OpenSSL development package in Debian systems is libssl-dev.

Configure directives

There are several configure directives that can be used when building Nmap. For a complete list of directives, use the following command:

$ ./configure --help

Precompiled packages

There are several precompiled packages available online (http://nmap.org/download.html) for those who don't have access to a compiler, but unfortunately, it's very likely you will be missing features unless its a very recent build. Nmap is continuously evolving. If you are serious about harnessing the power of Nmap, keep your local copy up-to-date with the official repository.

See also

  • The Downloading Nmap from the official source code repository recipe
  • The Listing open ports on a remote host recipe
  • The Fingerprinting services of a remote host recipe
  • The Comparing scan results with Ndiff recipe
  • The Managing multiple scanning profiles with Zenmap recipe
  • The Running NSE scripts recipe
  • The Scanning using a specified network interface recipe
  • The Saving scan results in normal format recipe in Chapter 8, Generating Scan Reports
  • The Generating a network topology graph with Zenmap recipe in Chapter 8, Generating Scan Reports