Nmap is a lightweight security scanner that's heavy on utility. Nmap can perform tasks as simple as a ping sweep to see which IP addresses are active and responding, and as complex as running scripts that scan your systems for known vulnerabilities. Another fun feature of Nmap is the ability to analyze the reply packets it receives from a host to determine which OS the host is running.
Nmap is most commonly used to see which services or ports are open or available on a host. It supports both TCP and UDP scanning. You can give it a single host to scan, a CIDR (Classless Inter-Domain Routing) block, or an entire list of hosts and networks from a file. A dizzying range of options allows you to specify which types of packets to send out and to see which hosts are susceptible to various remote attacks. Additionally, Nmap provides several options to bypass firewalls and other network filters that would otherwise block your scans.
Nmap also includes the Nmap Scripting Engine (NSE), which combines custom scripts with existing Nmap functionality to perform more specific discovery and attack analyses than Nmap does by itself. Fyodor and David Fifield gave an excellent talk and demonstration on the NSE at the Black Hat conference in Las Vegas last year. In the demonstration, Fyodor showed the results of Nmap scans against Microsoft company computers that used some of the NSE's MS RPC discovery scripts. The scripts used rpcinfo to gather info such as share names and usernames from the Windows computers. There are 177 NSE scripts available from Nmap.org as of this writing, and because they are user contributed, the list of NSE scripts is expanding at an amazing pace.
If you're a longtime user of Nmap but haven't kept up with Nmap news and releases, you'll want to check out the Zenmap GUI's new network topology feature, which lets you create an interactive network map based on information gathered by Nmap. The map begins with localhost at the center and displays all discovered hosts in concentric rings around it, with each ring indicating how many hops away its hosts are. From there you can shift the focus to another host or get more info by clicking a host's icon in the map. The shape of the icon refers to the type of device, and the size indicates the number of open ports.
All this makes Nmap perfect for checking on IP address usage, scanning for security vulnerabilities, and ensuring your firewalls and routers are operating properly.
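As an added example (not part of the original article), here is one way to turn a scan of your own network into the firewall and address-usage check described above. It assumes the scan was saved with Nmap's XML output option (`-oX`); the sample XML, the addresses, the `EXPECTED` policy and the function names are all constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample shaped like Nmap XML output (-oX); not a real scan.
SAMPLE_XML = """<nmaprun>
<host><status state="up"/><address addr="192.0.2.10" addrtype="ipv4"/>
 <address addr="00:00:5E:00:53:01" addrtype="mac"/><ports>
  <port protocol="tcp" portid="22"><state state="open"/></port>
  <port protocol="tcp" portid="443"><state state="open"/></port>
  <port protocol="tcp" portid="3306"><state state="open"/></port>
  <port protocol="tcp" portid="25"><state state="filtered"/></port>
</ports></host>
<host><status state="up"/><address addr="192.0.2.77" addrtype="ipv4"/><ports>
  <port protocol="udp" portid="161"><state state="open"/></port>
</ports></host>
<host><status state="down"/><address addr="192.0.2.20" addrtype="ipv4"/></host>
</nmaprun>"""

# Hypothetical policy: the ports each known host is expected to expose.
EXPECTED = {"192.0.2.10": {("tcp", 22), ("tcp", 443)}, "192.0.2.20": {("tcp", 80)}}

def open_ports(xml_text):
    """Return {ip: {(proto, port)}} for hosts reported up, keyed on IP (not MAC)."""
    result = {}
    for host in ET.fromstring(xml_text).iter("host"):
        if host.find("status[@state='up']") is None:
            continue
        ip = next((a.get("addr") for a in host.iter("address")
                   if a.get("addrtype") in ("ipv4", "ipv6")), None)
        if ip is None:
            continue
        result[ip] = {(p.get("protocol"), int(p.get("portid")))
                      for p in host.iter("port")
                      if p.find("state[@state='open']") is not None}
    return result

def audit(xml_text, expected):
    """Compare scan results with the policy and return sorted findings."""
    seen = open_ports(xml_text)
    findings = []
    for ip, ports in seen.items():
        if ip not in expected:
            findings.append((ip, "unknown host", sorted(ports)))
        elif ports - expected[ip]:
            findings.append((ip, "unexpected open", sorted(ports - expected[ip])))
    for ip in expected.keys() - seen.keys():
        findings.append((ip, "expected host not up", []))
    return sorted(findings)

if __name__ == "__main__":
    print(*audit(SAMPLE_XML, EXPECTED), sep="\n")
```

Ports reported as `filtered` are deliberately not counted as open, so a firewall that is doing its job produces no finding.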