I did some research on this again before posting, but the concept isn't clear to me yet. Who runs this application? What's it used for? Negative purposes only? I'd like to know this, since my Norton is constantly flashing a message about this, that somebody is trying to attack my computer by using the NMap Null Scan...
Null scan is just a little piece in os-fingerprinting. As the name "null" scan already implies, no flags are set on packages. This is a method to trick firewall-filters. Microsoft OS (Widnows 9x,NT,2k) do not apply to standards in this point (as e.g. also for UDP), so this method remains without effect on them. BUT: On successfull FIN, Xmas and Null Scan an attacker knows that the scanned system is NOT a Windows OS.
Nmap is a Hacker tool used by ethical hackers or malicious hackers so it could be anyone using it as its a free software and hackers everywhere use it .
"Nmap is a free security scanner written by Fyodor. It is used to evaluate the security of computers, and to discover services or servers on a computer network."