Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning

Although the information available from Fyodor's site, insecure.org, is free, and very helpful and available, having this book has expanded my understanding of security immensely. With the tips and tricks in the book, I've learned even more. Excellent tool for anyone on the security side of admin-ing. A must have in your hard copy library.

I could summarize this book review by saying this is THE nmap reference book, what in itself would be an obvious conclusion I already expected before reading a single page, just by looking at the author name. Fyodor is the creator of nmap, a tool he has carefully fed and taken care of during all these years, and slightly knowing him from the Honeynet project, I couldn't expect less. "Nmap Network Scanning" is a masterpiece that teaches the reader the Art of Network Mapping and Scanning, and definitely, one of the best books I've read in years. Honestly, there are only a few minor things regarding network scanning you cannot accomplish with a single tool, the current nmap version. The book takes advantage of it. The official nmap reference guide is simply included on chapter 15, while the rest of the book steers the reader through the nifty art of network mapping and scanning. It disects the network scanning phases and techniques, describing the different options and tool arguments available throughout practical examples and real-world usage tips, here and there, that will improve all your scanning techniques. This is a never-ending book that took Fyodor 5 years to write, and it clearly spreads his experience testing and analyzing networks. This is specially true in the "Solution" section at the end of some chapters, where real-world scenarios are efficiently solved. Additionally, the book clearly pinpoints the limitations for the multiple platforms (eg. Windows vs Linux) and scenarios (eg. privileged vs non-privileged user) nmap can run on. Besides that, it summarizes most nmap internals without requiring you to dive deep into the source code, what is a challenge in itself. All this information is complemented with some real challenges you find as a penetration tester today, such as the limitations to spoof Internet traffic from legal ISP, a topic I've been researching about recently. The most advanced and technical chapters are chapter 7 and 8, detailing the inner workings of the nmap service, application, and OS fingerprinting modules, and chapter 9, providing the NSE knowledge required to read and develop your own nmap scripts. This is the type of book I recommend you to read in front of your computer, practicing simultaneously. Open a terminal, enable your network connection, and run the latest nmap version as you read throughout the book while testing the different options and examples. You can use multiple target virtual machines to experiment with, or if not available, the scanme.nmap.org site (use with caution). One thing is sure: you will have a lot of fun! I have been using nmap since 1999, and found the book fits a broader audience, from the novice reader (please, do not get overwhelmed initially by all the available nmap options and scan types), that can learn the principles of the scanning techniques used (the packet flow diagrams on the port scanning chapter are specially helpful), up to the advanced professional, explaining w

Having the privilege of reviewing draft copies of this book over the past couple years, I think it will quickly become required reading for network engineers, system administrators, and anyone working in the computer security arena. Fyodor, the developer of nmap, is the obvious choice to author a book on his project. This book, however, goes well beyond an expanded "man page" for the premier port scanning tool. Fyodor gives an insightful overview of TCP/IP (including some really beautiful graphs of IP headers). He also shows how to use nmap for network monitoring, to gain a better understanding of networks, and to test firewalls. Consider this book a Rorschach test of sorts. If you want to learn how to inventory your network gear, this book has an answer. If you want to learn how to bypass firewalls and IDS, this book will help. If you need to test network security, this book will be required reading. I have been using nmap for nearly a decade and there were still some great tips and tricks that I found for the first time in these pages. Thanks for the effort Fyodor.

The 1962 song Wipe Out, with its energetic drum solo started, was the impetus for many people to take up playing the drums. Similarly, Nmap, the legendary network scanner, likely interested many in the art of hacking, and for some, started a career for security professionals and hackers. Nmap and its creator Fyodor need no introduction to anyone on Slashdot. With that, Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning, is a most useful guide to anyone interested in fully utilizing Nmap. One may ask, why spend $50 on this book, when the Nmap Reference Guide provides a significant amount of the basic information needed to use the tool, especially since the reference guide is both free, and well written. The reference guide is included in the book in chapter 15, and takes up 41 pages. And for those that are cash strapped, the free reference guide is the way to go. In addition, the web site for the book notes that about half of the content is available in the free online edition. The most useful information is in the book in chapters exclusive to the print edition, which includes Detecting and Subverting Firewalls and Intrusion Detection System, Optimizing Nmap Performance, Port Scanning Techniques and Algorithms, Host Discovery, and troubleshooting. The main benefit of the buying the book is that it has the collected wisdom of Fyodor's, in addition to numerous real-world scenarios, and Nmap commands not documented elsewhere. At over 400 pages, the books 15 chapters provide the reader with everything they need to know about using Nmap to the fullest. Chapter 1 starts with an overview of the history of Nmap and how it came to be. As to the question of whether port scanning is legal, the author writes that it is best to avoid the debate and its associated analogies. He advises that it's best to avoid ISP abuse reports and criminal charges, by not annoying the target network administrators in the first place. Chapter 1 provides a number of practical suggestions on just how to do that. A complaint against Nmap it that is has often been blamed for crashing systems. Chapter 1 shows that the reality is that Nmap will rarely be the primary cause of a system crash. The truth is that many of the systems that crashed as a result of an Nmap scan were likely unstable from the outset, and Nmap either pushed them over the top or they coincidentally crashed at the same time as the Nmap scan. An ironic incident detailed in chapter 3 is when someone from the information security department of Target Corp. complained to the author that he felt the Nmap documentation was particularly directed at his organization; given the use of the term target. He requested that the Nmap documentation be changed from targetto example. The section on target enumeration in the book shows the author did not take that request to heart. Another example of where the book goes beyond what is in the reference guide is where the author sh