ALL 121 Group 4 Ruan Botha 10690817 Nmap vs Advance Port Scanner A Port Scanner is an important tool in any Computer Security Professional’s or Network Administrator’s toolkit. A Port Scanner is a tool used to obtain information about a network such as topology, online network endpoints and open ports. This review will be looking at Nmap and Advance Port Scanner. The functionality, speed and accuracy will be compared as well as the ease of use. Advance Port Scanner basic details: File Size: 426 kb Operating System Compatibility: Windows 95/98/ME/NT4.0/2000/XP/2003/Vista/2008 and Windows 7 (32Bit and 64 Bit) Interface: (Advance Port Scanner, 2014) Nmap basic details: File size: 25.6 mb (Windows GUI version) 19.1 mb (Windows Command line version) Operating System Compatibility: Windows NT, including 2K, XP, Vista, Windows 7, and Server 2003/2008, Mac OS X, Linux (all distributions), FreeBSD, OpenBSD, NetBSD, Sun Solaris, Amiga, HP-UX Interface: ALL 121 Group 4 Ruan Botha 10690817 -Zenmap is the GUI version of Nmap. (Nmap, 2014) The first consideration of each software application is the size, as shown above. Advance Port Scanner (APS) is by far smaller than Nmap. Nmap is the more universal scanner due to its Operating System compatibility. Nmap can run on a server where as APS can only run on a local windows machine. The difference of each program’s capabilities and functionalities are listed: Advance Port Scanner: o Default Multithreading o Default to Telnet o NetBios retrieving o Default 2 different scanning types Nmap: o Default Single-Threaded o Topology drawing tools o Powerful scripting capabilities o Default 10 different scanning types o Built in scripting engine o Online library of available scripts o OS Detection o Firewall/IDS Evasion and spoofing ALL 121 Group 4 Ruan Botha 10690817 The comparison of the functionality of Nmap and Advance Port Scanner (APS) shows that Nmap has more functionality and gives more freedom to a user, where as APS is only a small port scanner with very limited settings and customizable options. The scripting in Nmap makes it allot more convenient for a person to do repetitive work or a scan on very big networks with allot of subnets. In APS the task of scanning separate networks can be done but with more effort than Nmap and has to be done manually i.e. with someone operating the machine at each separate scan. Another positive of Nmap is that the available scripting library makes it easier for a person to download an already written script for a specific situation and use it instead of having to do the scan manually or having to waste time writing and testing a script. With Nmap the setting and options have to be changed and maintained on each specific scan where as Advance Port Scanner(APS) it is not needed. Retrieving the NetBios with APS is easier and quicker than with Nmap where a specific script is needed. Using APS is quicker than Nmap if the network scan is simple, but if the network is more complex Nmap is better, for it has the ability to run scripts that do the work instead of a person having to do it manually like in APS. A scan was done on a local network with both programs and the results shown: Advance Port Scanner: ALL 121 Group 4 Ruan Botha 10690817 Nmap: All IPs are covered to protect the owner/s. When comparing the results of each program’s basic scan, it is clear that there is no better scanner for both did a good job at detecting all devices on the network at roughly the same speed. When using a more advance method of scanning, Nmap showed greater detail about the detected devices than Advance Port Scanner’s advance scan. The results that were gathered in both programs are detailed and easily understood. Nmap has the additional functionality to display a topological map of the network, here is an example from the Nmap website: ALL 121 Group 4 Ruan Botha 10690817 (The “Topology” tab) This is a very handy tool for Security Experts or Network Administrators. My recommendation: I recommend Nmap, because the built in and extra functionality available make it allot more time efficient to use over the long term than Advance Port Scanner. Advance Port Scanner is a handy and small tool to be used in smaller network applications and is limited to only small networks. The main reason to consider Nmap is its scripting capability, scripting allows for automated work to be done and the automation of sorting of the retrieved data, this makes it a big time saver when repetitive work has to be done, or allot of result data is collected and need to be sorted. ALL 121 Group 4 Ruan Botha 10690817 Resource List: Advance Port Scanner. Computer Software 2014. Available at: <http://www.radmin.com/download/previousversions/portscanner.php> [ Accessed 10/10/2014 ] The “Topology” tab image. Available at: < http://nmap.org/book/zenmap-results.html OR http://nmap.org/book/images/zenmap-fig-tab-topology.png > [Accessed 10/10/2014] Nmap. Computer Software 2014. Available at: < http://nmap.org/download.html> [Accessed 10/10/2014]