Movatterモバイル変換

[0]ホーム
URL:

Home page logo

Windows

While Nmap was once a Unix-only tool, a Windows version wasreleased in 2000 and has since become the second most popular Nmapplatform (behind Linux). Because of this popularity and the fact thatmany Windows users do not have a compiler, binary executables aredistributed for each major Nmap release. We support Nmap on Windows 7and newer, as well as Windows Server 2008 and newer. We also maintainaguide for userswho must run Nmap on earlier Windows releases.Nmap runs equally well on Windows as on Unix in nearly every way, though there are a couple of known limitations:

  • Nmap only supports ethernet interfaces (including most802.11 wireless cards and many VPN clients) for raw packet scans.Unless you use the-sT -Pn options, RAS connections(such as PPP dialups) and certain VPN clients are not supported. Thissupport was dropped when Microsoft removed raw TCP/IP socket supportin Windows XP SP2. Now Nmap must send lower-level ethernet framesinstead.

  • When using Nmap without Npcap, you cannotgenerally scan your own machine from itself (using aloopback IP such as 127.0.0.1 or any of itsregistered IP addresses). This is a Windows limitation that wehave worked around in Npcap, which is included in the Windows self-installer.Users stuck without a Npcap installation can use a TCPconnect scan without pinging (-sT -Pn) as that usesthe high level socket API rather than sending rawpackets.

Scan speeds on Windows are generally comparable to those onUnix, though the latter often has a slight performance edge. Oneexample of this is connect scan (-sT), which may beslower on Windows because of different limits in the Windowsnetworking API. Since this is the one TCP scan thatworks over all networking types (not just ethernet, like the raw packet scans),Nmap includes a collection of Registry changes that substantially improve connect scan performance.By default these changes are applied for you by the Nmap executable installer, and are also available in thenmap_performance.reg filein thenmap-<version>directory of the Windows binary zip file (forNmap OEM customers), andnmap-<version>/mswin32in the source tarball (where<version> is theversion number of the specific release). These changes increasethe number of ephemeral ports reserved for user applications (such asNmap) and reduce the time delay before a closed connection canbe reused. Most people simply check the box to apply these changes in the executable Nmap installer, but you can also apply them by double-clicking onnmap_performance.reg, or by running the commandregedt32 nmap_performance.reg. To make the changes by hand, add these three Registry DWORD values toHKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters:

MaxUserPort

Set a large value such as 65534 (0x0000fffe). SeeMS KB 196271.

TCPTimedWaitDelay

Set the minimum value (0x0000001e). SeeMS KB 149532.

StrictTimeWaitSeqCheck

Set to 1 so TCPTimedWaitDelay is checked.

[Note]Note

I would like to thank Ryan Permeh of eEye, Andy Lutomirski, and Jens Vogt for their hard work on the Nmap Windows port. For many years, Nmap was a Unix-only tool, and it would likely still be that way if not for their efforts.

Windows users have three choices for installingNmap, all of which are available from thedownload page athttps://nmap.org/download.html.

Windows Self-installer

Every Nmap release includes a Windowsself-installer namednmap-<version>-setup.exe(where<version> is the version number of thespecific release). Most Nmap users choose this option since it is soeasy. Another advantage of the self-installer is that it provides the option to install the Zenmap GUI and other tools. Simply run the installer file and let it walk you throughpanels for choosing an install path and installing Npcap. Theinstaller was created with the open-sourceNullsoft ScriptableInstall System. After it completes, readthe section called “Executing Nmap on Windows” for instructions on executing Nmap on thecommand-line or through Zenmap.

Command-line Zip Binaries

[Note]Note

The Zip archive is available toNmap OEM customers only. Most users prefer installing Nmap with the self-installer discussed previously.

Every stable Nmap OEM release is also available as Windowscommand-line binaries and associated files in a Zip archive. Nographical interface is included, so you need to runnmap.exe from a DOS/command window.Here are the step-by-step instructions for installing and executing the Nmap .zip binaries.

Installing the Nmap zip binaries

  1. Download the .zip binaries from the link provided in your Nmap OEM order.

  2. Extract the zip file into the directory you wantNmap to reside in. An example would beC:\ProgramFiles. A directory callednmap-<version> should be created, which includesthe Nmap executable and data files.

  3. For improved performance, apply the Nmap Registrychanges discussed previously.

  4. Nmap requires the free Npcap packet capture library.We include a recent Npcap installer which is available in the zip fileasnpcap-<version>-oem.exe,where<version> is the Npcap version ratherthan the Nmap version. Alternatively, you can obtain and installthe latest version fromhttps://npcap.com.

  5. Due to the way Nmap is compiled, it requires theMicrosoft Visual C++ Redistributable Package of runtimecomponents. Many systems already have this installed from otherpackages, but you should runvc_redist.x86.exefrom the zip file just in case you need it.Pass the/q option to run these installers in quiet (non interactive) mode.

  6. Instructions for executing your compiled Nmap aregiven inthe section called “Executing Nmap on Windows”.

Compile from Source Code

Most Windows users prefer to use the Nmap binary self-installer,but compilation from source code is an option, particularly if you plan to help with Nmap development. Compilation requiresMicrosoft Visual C++ 2019, which is part of their commercialVisual Studiosuite. Any of the Visual Studio 2019 editions should work, including the freeVisual Studio 2019 Community.

Some of Nmap's dependencies on Windows are inconvenient to build. Forthis reason, precompiled binaries of the dependencies are stored inSubversion, in the directory/nmap-mswin32-aux.When building from source, whether from a source code release or fromSubversion, check out/nmap-mswin32-aux asdescribed below.

Compiling Nmap on Windows from Source

  1. Download the Windows dependencies from Subversion with the commandsvn checkout https://svn.nmap.org/nmap-mswin32-aux.The build files are configured to look for dependencies in thischecked-out directory. If you want to build the dependencies yourselfinstead, you will have to reconfigure the Visual Studio project files topoint to the alternate directory.

  2. Decide whether to obtain the Nmap source code by downloading the latest release from nmap.org, or using a Subversion client to retrieve even newer (but less tested) code from our repository. These instructions are for the web download approach, but using Subversion instead is straightforward (seethe section called “Obtaining Nmap from the Subversion (SVN) Repository”).

  3. Download the latest Nmap source distribution fromhttps://nmap.org/download.html. It has the namenmap-<version>.tar.bz2 ornmap-<version>.tgz. Those are the same tar file compressed using bzip2 or gzip, respectively. The bzip2-compressed version is smaller.

  4. Uncompress the source code file you just downloaded. Thesource code directory and thenmap-mswin32-aux mustbe in the same parent directory.Recent releases of the freeCygwin distribution can handle both the.tar.bz2 and.tgz formats. Use the commandtar xvjf nmap-version.tar.bz2 ortar xvzf nmap-version.tgz, respectively. Alternatively, the commonWinZip application can decompress these files.

  5. Open Visual Studio and the Nmap solution file (nmap-<version>/mswin32/nmap.sln).

  6. Right click onSolution 'nmap' in the Solution Explorer sidebar and chooseConfiguration Manager. Ensure that the active solution configuration isRelease and then close the Configuration Manager.

  7. Build Nmap by pressingF7 or choosingBuildSolution from the GUI. Nmap should begin compiling, andend with the line-- Done -- sayingthat all projects built successfully and there were zerofailures.

  8. The executable and data files can be found innmap-<version>/mswin32/Release/. You can copy them to a preferred directory as long as they are all kept together.

  9. Ensure that you have Npcap installed. The official installer for the latest version is available athttps://npcap.com/#download. Users who install via our binary self-installer will have Npcap installed automatically.Nmap OEM customers can also runnpcap-<version>.exe from our zip package.

  10. Instructions for executing your compiled Nmap aregiven in the next section.

If you wish to build an Nmap executable Windowsinstaller or Zenmap executable,seedocs/win32-installer-zenmap-buildguide.txt in the Nmap SVN repository.

Many people have asked whether Nmap can be compiled with thegcc/g++ includedwith Cygwin or other compilers. Some users have reported success withthis, but we don't maintain instructions for building Nmap underCygwin.

Executing Nmap on Windows

Nmap releases now include theZenmap graphical user interface for Nmap.If you used the Nmap installer and left the Zenmap field checked,there should be a new Zenmap entry on your desktop and Start Menu.Click this to get started. Zenmap is fully documented inChapter 12,Zenmap GUI Users' Guide. While many users love Zenmap, others preferthe traditional command-line approach to executing Nmap. Here aredetailed instructions for users who are unfamiliar with command-lineinterfaces:

  1. Open Terminal, PowerShell, or Command Prompt. If you are using MSYS2, Cygwin, or WSL,the necessary commands differ slightly from those shown here.

  2. Change to the directory you installed Nmap into. You can skip this step if Nmap is already in your command path (the installer adds it there by default). Otherwise, type the following commands.

    c:cd "\Program Files (x86)\Nmap"

  3. Executenmap.exe.Figure 2.1 is a screen shot showing a simple example.

Figure 2.1. Executing Nmap from a Windows command shell
Executing Nmap from a Windows command shell

If you execute Nmap frequently, you can add the Nmap directory(c:\Program Files (x86)\Nmap by default) to your command execution path:

  1. Open the System Properties window to the Advanced tab by runningSystemPropertiesAdvanced.exe.

  2. Click theEnvironmentVariables button.

  3. ChoosePath from theSystem variables section, then hitedit.

  4. Add a semi-colon and then your Nmap directory (e.g.c:\Program Files (x86)\Nmap) to the end of the value.

  5. Open a new command prompt and you should be able to execute acommand such asnmap scanme.nmap.org from any directory.

[8]ページ先頭
©2009-2026 Movatter.jp