How to update the nmap database

Your nmap service probe database is probably out of date. It's easy to update that special file to the latest version.

How to update the Nmap database

Chances are, you use nmap as your go-to network scanner of choice. There's a good reason for that. Not only is nmap free and open source, but it's also one of the most powerful and flexible tools of its kind.

But did you know that your nmap service probe database is probably out of date? That's right. Even though you keep your installed version of nmap as up-to-date as possible, it could very easily depend on an old database release.

Why is that key? The database is used when running a network probe for services. That database is not automatically updated, which means any services that undergo changes (since you first installed nmap) might not be reflected in the version you use.

SEE: Server deployment/migration checklist (Tech Pro Research)

So how do you update the database? Manually. Let's find out how.

What you need

You only need nmap installed and a user account with sudo privileges. I'll demonstrate this process on Ubuntu Desktop 18.04, but the task should be the same on nearly any platform (with minor adjustments).

Checking your database

The first thing you want to do is compare your nmap database release to the latest version. To check your installed release, open a terminal and issue the command:

less /usr/share/nmap/nmap-service-probes

The second line will give you the release number (Figure A).

Figure A

Figure A: Our current nmap database release number is 36902 2017-07-31.

The example I presented was from a fresh installation of nmap and includes a version that is almost three years old.

To find out the current release number, point your web browser to the current nmap database, which will show a release number of 37619. That's more like it.

How do we fix this?

Update the database

To update this database, you need to first move the current database (to serve as a backup). From the terminal window, issue the command:

sudo mv /usr/share/nmap/nmap-service-probes /usr/share/nmap/nmap-service-probes-XXXX

Where XXX is the release number of the database to be moved.

Next, download the newest version with the commands:

cd /usr/share/nmap
sudo wget

Open that file with the command:

less nmap-service-probes

You will notice there is no version number in this file (Figure B).

Figure B

Figure B: Our latest database with no version number.

I highly recommend that you add the version number to this file, so the next time you check it you can compare it to the latest available release. To add the version number, issue the command:

sudo nano nmap-service-probes

Add the version number in the form of:

# $Id$ nmap-service-probe XXXX YEAR-MO-DT NAME

Where XXXX is the release number, YEAR-MO-DT is the Year-Month-Date and NAME is your Linux username. Once you add that information, save and close the file.

Your nmap database is now fully updated. You can start using it to scan your network, knowing the service probe database is more capable of returning correct and successful results.

Also see

Image: Jack Wallen