Nmap 6 Cookbook: The Fat Free Guide to Network Security Scanning (2015)
Section 11: Zenmap
Zenmap is a graphical frontend for Nmap designed to make light work of Nmap’s complex scanning features. The Zenmap GUI is a cross-platform program that can be used on Windows, Mac OS X, and Unix/Linux systems.
Zenmap is installed by default when you install Nmap on Windows systems. To start Zenmap go to Start > Programs > Nmap > Zenmap GUI.
Unix and Linux Users
Zenmap is automatically installed when you compile Nmap from source on a system with a desktop such as Gnome or KDE. If you install Nmap via apt or yum you may have to manually install the Zenmap package. This can be done by executing one of the following commands:
# apt-get install zenmap
# yum install nmap-frontend
Once installed, the Zenmap GUI can be launched by locating the icon on your system's application menu.
Mac OS X Users
Zenmap for Mac OS X is installed in Applications > Zenmap. It is included automatically as part of the default Nmap installation.
Note: The X11 server for Mac OS X is required to run Zenmap on Mac systems. This software can be found on the Mac OS X installation DVD. Newer versions of Mac OS X no longer include X11 server software. The Xquartz program can be installed on these systems in place of the legacy X11 server. Xquartz can be downloaded from xquartz.macosforge.org.
Basic Zenmap Operations
Performing a scan with Zenmap is as simple as 1, 2, 3...
Zenmap GUI overview
Enter a target (or select a recent target from the list)
Select a scanning profile
Press the scan button
The results of the scan are displayed once the scan is finished. The Nmap Output tab displays the raw output of the scan as it would appear on the command line. Zenmap also keeps a history of your scanning activity. This allows you to reference an earlier scan by selecting it from the sidebar list.
Zenmap scan output
Note: The actual command line string executed is displayed in the Command box above.
Zenmap provides built-in profiles for the most common types of scans. This simplifies the scanning process by eliminating the need to manually specify a long string of arguments on the command line.
Zenmap scanning profiles
If the built-in scans don’t meet your exact needs, you can create your own scanning profile. To do this, simply access the profile editor by selecting Profile > New Profile from the Zenmap menu (or press <CTRL + P> on the keyboard).
Zenmap profile editor
Within the Zenmap Profile Editor, you can select the options for your custom profile and Zenmap will automatically build the complex Nmap command line string based on your selections.
Tip: Hovering your mouse over various options will show information about the selection in the help field.
Once finished, simply click the Save Changes button and your custom profile will be available for use in the profile selection combo-box.
Viewing Open Ports
Once a scan is completed you can view a user-friendly display of the results on the Ports/Hosts tab. The buttons labeled Hosts and Services can be used to toggle the display of the recent scans.
Zenmap ports display
Viewing a Network Map
After performing one or more scans, you can view the results on a graphical map on the Topology tab.
Zenmap topology map
Zenmap’s topology feature provides an interactive graphic that shows the layout of a network and path to targets for completed scans (assuming a traceroute enabled profile is selected).
Tip: The graphic can be manipulated by pressing the Controls button to modify the various display options.
Saving Network Maps
You can also save a Zenmap topology map by pressing the Save Graphic button.
Saving a topology map
Zenmap supports exporting maps to several popular formats including PNG, PDF, SVG, and Postscript.
Viewing Host Details
The Host Details tab provides a user-friendly display of information gathered from a target system.
Zenmap host details
Viewing Scan History
The Scans tab displays scanning history for the current session. You can also manage previous scans by using the Add, Remove, or Cancel buttons at the bottom of the screen.
Zenmap scan history
Comparing Scan Results
Nmap and Zenmap scans can be compared using the Compare Results feature. To do this, select Tools > Compare Results from the Zenmap menu or press <CTRL + D>.
Zenmap comparison utility
Zenmap will load recent scans into the comparison utility or you can import an Nmap XML output file by pressing the Open button. The differences between the two selected scans are highlighted and color-coded for easy comparison.
Zenmap scans can be saved for future reference by selecting Scan > Save Scan from the menu or pressing <CTRL + S>.
Saving Zenmap scans