Unsolved Nmap

---

Is it accurate to state that Nmap is both a Network Scanner and Vulnerability scanner?

Razmik,

I think that it would be more accurate to say that NMAP is a network Scanner and a security auditing tool. It is not a true vulnerability scanner in the sense that it looks for vulnerabilities based on a pre-set list or set of definitions, but rather uses raw IP packets to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics.

You can use it for taking a network inventory, managing service upgrade schedules, and monitoring host or service uptime.

Hope that helps.

Cheers,

Adam