Nmap in the Enterprise

Angela Orebaugh | Becky Pinkard

(2011)

Abstract

Nmap, or Network Mapper, is a free, open source tool that is available under the GNU General Public License as published by the Free Software Foundation. It is most often used by network administrators and IT security professionals to scan corporate networks, looking for live hosts, specific services, or specific operating systems. Part of the beauty of Nmap is its ability to create IP packets from scratch and send them out utilizing unique methodologies to perform the above-mentioned types of scans and more. This book provides comprehensive coverage of all Nmap features, including detailed, real-world case studies.
• Understand Network Scanning
Master networking and protocol fundamentals, network scanning techniques, common network scanning tools, along with network scanning and policies.
• Get Inside Nmap
Use Nmap in the enterprise, secure Nmap, optimize Nmap, and master advanced Nmap scanning techniques.
• Install, Configure, and Optimize Nmap
Deploy Nmap on Windows, Linux, Mac OS X, and install from source.
• Take Control of Nmap with the Zenmap GUI
Run Zenmap, manage Zenmap scans, build commands with the Zenmap command wizard, manage Zenmap profiles, and manage Zenmap results.
• Run Nmap in the Enterprise
Start Nmap scanning, discover hosts, port scan, detect operating systems, and detect service and application versions.
• Raise those Fingerprints
Understand the mechanics of Nmap OS fingerprinting, Nmap OS fingerprint scan as an administrative tool, and detect and evade the OS fingerprint scan.
• “Tool” around with Nmap
Learn about Nmap add-on and helper tools: NDiff--Nmap diff, RNmap--Remote Nmap, Bilbo, Nmap-parser.
• Analyze Real-World Nmap Scans
Follow along with the authors to analyze real-world Nmap scans.
• Master Advanced Nmap Scanning Techniques
Torque Nmap for TCP scan flag customization, packet fragmentation, IP and MAC address spoofing, adding decoy scan source IP addresses, adding random data to sent packets, manipulating time-to-live fields, and sending packets with bogus TCP or UDP checksums.
Russ Rogers is co-founder, CEO, CTO and Principal Security Consultant for Security Horizon, Inc. Russ is a United States Air Force Veteran and has served in military and contract support for the National Security Agency and the Defense Information Systems Agency. He also serves as the Professor of Network Security at the University of Advancing Technology (uat.edu) in Tempe, AZ.
"My career is based on performing network evaluations and penetration tests on customer networks to find security holes. A significant part of my job is understanding the specifics of what machines, services, and applications are available to attack on those networks. This is normally the first step in any network security work. Although there are certainly multiple tools available that could be used for this, the industry agrees (by huge majority) that NMAP is the best tool for the job. It provides mandatory functions, such as service identification and verification, but also provides the added capabilities for identifying the host operating system and utilizing a variety of port scan methods, depending on the job requirements.
Many of the options within NMAP are no longer documented within the help files, requiring users of the product to keep their own notes or perform extensive web searches looking for the appropriate command line options to use. It is my opinion that a Syngress book on the NMAP tool would provide an invaluable reference to individuals depending on the NMAP tool. What a great benefit it would be to reach over and take a reference from the book shelf.
Of course, all truly useful reference books need a qualified author who understands the underlying details. I believe Angela Orebaugh has the background and network knowledge to write a comprehensive and valuable reference book on NMAP. Angela has already authored books on intrusion detection, Snort IDS, and packet sniffing using Snort. The understanding of networks and protocols required to write on those topics is mandatory when authoring a reference on port scanning. It is my hope that Ms. Orebaugh can de-mystify some of the basic operations of the port scans and provide a much needed tutorial on how each scan works and why it might be useful in each situation."
Richard Stiennon, vice president at Gartner
"Nmap is one of the tools in your toolbox you need as a network analyst. I would recommend everyone in the world use it to check port 135 to see if [they] have desktop servers listening on it. If you don't, you're going to be down in the next couple of weeks."