Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning

Classic position, Must-have for everyone who work in IT.

nmap is a well-used component of my IT toolbox. I use it primarily for self-discovery (no, not THAT sort of 'self-discovery') - to check my network perimeter, to check the security model inside my network, to figure out who's doing what on my wire, etc. - but I always knew that I was taking advantage of only a small part of its potential. Lyon's book provides a detailed and informative presentation to nmap and its many uses in the professional IT arsenal. While, a fair bit of the material can be gleaned from a wide-assortment of sources on the net (somewhere in those tubes) - including from Lyon's own site, [...] - this book coalesces and distills the material into a tight, cohesive and entertaining presentation with added tidbits that only the author of such a powerful tool might know. And since, like any good tool, using nmap can be dangerous w/o a good user manual, this book provides the need-to-know information for efficient use of nmap. Hell, even if the book sucked, the guy has done such a valuable service by providing this free, open-source tool it seems only fitting that we throw him a couple of bucks for all of his effort. But the book rocks, so it's a two-fer: good-info AND smug feeling of satisfaction that $$ is well spent on someone who actually did something. So: If you want to be in the know you need this book. If you want to know what is on your network you need this book. If you want to keep ahead of those damned script-kiddies you need this book.

I purchased this book as part of a graduate level ethical hacking course at WGU. I could simply state that if you're going to use nmap, you need this book. However, for people like me who are just getting started in the world of ethical vulnerability and penetration testing, I needed something comprehensive, complete, and not too "over my head." The author (and his team who he clearly acknowledges in the Introduction) have done a superior job in the writing of this book; the actual writing style is so easy to read and understand. The author takes great care in identifying and acknowledging the various skill set of his potential readers. He provides scenarios, case studies, examples, and detailed descriptions that people like me need and enjoy. He also provides charts, screen prints, and a reference manual for people who want to use this book as a reference only. I am reading this book cover to cover and will be buying my second copy today to keep at my office. Reading this book is like having a discussion with the book's author and since the author also developed the nmap program, I can't think of a better person to learn nmap from. Excellent work Fyodor!

Every Security God needs a Bible, and Fyodor's absolute, incredibly definitive guide on Nmap will imbue you with rock-solid scanning stratagems without having to sacrifice the network to lesser tools and tomes. An earlier review mentioned this book, "Is not for the casual nmap user..." Indeed, Nmap is not a casual tool. No other open-source security tool in recent memory (10yrs) matches the potentially bad....and ostensibly good events someone could discern from a network. What makes the book unique in its approach is that it was written by the creator of the tool. Fyodor is a rare combination of first-rate programmer and elucidating author, which some might relate to -- how many of us have used an excellent tool, only to be underwhelmed by the dearth of documentation? This is especially important from a technique/holistic view, meaning that the more intricate the security tool, the more potential mayhem one can create. It's the difference between knowing your vulnerabilities or finding out how personally vulnerable you are to pointed questions by angry admins after you brought down the network...or worse. Over half the book goes over features and options I haven't seen online anywhere else -- that alone makes the book a worthwhile purchase. Buying the book reaffirms the concept that intelligent, well-designed open source software can be exponentially better than software costing thousands...and you can take that to your Knowledge Bank. -joe

Ordered this to really understand all the bells and whistles of Nmap before taking my PWK (OSCP) course. Regarding the criticism for Fyodor for repeating himself, there is a lot of repetition in the book. However, this actually adds value to book as reference material. Unlike other books, while reading on any topic you do not have to jump around in the book as everything you need is right there in each chapter. Most of the chapters are very easy reading while some get very technical. Not only does the author explain how to use the tool, he explains exactly what Nmap is doing with each command from a technical standpoint. If you plan to make your own network scanning tool, this is the book for you! The book is a bit dated BUT all the updated material is available online for FREE as well as the Nmap change logs. My only criticism lies in the quality of the material not the content (5 star content). The printing is blurred on multiple pages and cover is awkward (after opening once the cover will forever curl out). This is book I would like to keep forever, it would have been nice if it came in hard cover.

This IMO is the best book is the best for learning nmap. It is written in a way that’s very clear and to the point, but also very engaging.

The book is slightly dated, but still very informative. I would not hesitate to suggest this book to somebody wanting to learn Nmap. Not only is it a good reference for Nmap options and tunings, it also displays the information in an engaging and informative way from the perspective of a pen tester. I read it like a novel and gained a lot of knowledge about Nmap and network mapping in general. The biggest outdated details are that -sP is now -sn, and that IPv6 is now supported more for Nmap. Beyond that, the functionality is mostly just extended to include new features.

Though there is much repitition throughout the book it is extremely thorough at explaining both how to use Nmap as well as explaining how it is working. For newcomers (such as myself) the repitition helps to sink concepts in. I have only made it about a third through the book so far but I have been impressed. The book even recommends which approaches are commonly detected by IDSs and gets into more subtle approaches (more so in Ch 10). This gives a great insight when analyzing IDS results, and can give ideas as to other setups which IDS's might not monitor. It also shows important firewall settings which an admin might not have thought to check. I highly recommend it.

For all nmap users, this is definitely the reference book to own for all purpose. The reader will learn the exact right way to scan hosts and subnets and most importantly the reader will be able to adapt NSE scripts to their specific targets.

La Bibbia di Nmap completa e pratica un must have per tutti i professionisti di sicurezza informatica e chi sta iniziando in questo mondo. Raccomandato.

All time best

For those who want an in-depth understanding of 90% of Nmap this is the book to read, as the book mentions there are lots of other commands and scripts that are not covered, which have been added to recent versions of Nmap. There are lots of pages to read and commands to navigate. well worth the time to obtain the knowledge on Nmap and Zenmap.

Excelente empacado, llego en óptimas condiciones ,muy recomendable.