NMAP Network Scanning: A Must-Have Addition To Your Library - InformationWeek

12/29/2008
03:08 PM
Mike Fratto
NMAP Network Scanning: A Must-Have Addition To Your Library

NMAP, the open source network mapping tool, should be in any network or security administrator's toolbox. It's a feature-rich network scanner that goes far beyond port scanning, with service and OS detection, stealth and evasion modes, and an internal scripting engine. NMAP Network Scanning, a reference guide written by Gordon Lyon, a.k.a. Fyodor, is a must-have book for getting the most out of NMAP.

The self-published book is a solid reference work, complete with explanations of how and why NMAP features work, examples of how to use them, guidance on how to interpret the results, and real-life scenarios showing interesting use cases. The writing and explanations are clear and concise but do require familiarity with common protocols like Ethernet, IP, and TCP/UDP, as well as common services like Sun RPC and Windows Networking, information that IT and security administrators should already have.

You can skip the first two chapters if you're already familiar with NMAP and know how to install software on your chosen operating system. Many Linux users nowadays will simply use whatever version of NMAP is packaged for that distribution and the program is often installed by default. If you're compiling from source, you will want to read the text that comes with the source code and run "configure -help" for the compiler directives.

Chapter 3, Host Discovery, gets into using NMAP. Within a few pages, you learn to run host discovery as well as techniques to find IP addresses to feed NMAP. The latter is an example of where the book shines. Throughout the book, Lyon provides guidance on relevant topics required to get the most out of NMAP, like how to find an organization's IP address range. The rest of the chapter describes various ways to discover hosts using ICMP, TCP, and UDP, where each type of scan is applicable, and any pitfalls.

Chapters 4 and 5, Port Scanning Overview and Port Scanning Techniques and Algorithms, dig into the heart of NMAP -- port scanning for every occasion. Filled with insights on everything from timing options to firewall and IDS evasion techniques, chapter 4 should be read regardless of your NMAP skill level. That prepares you for chapter 5, where Lyon explains the different scan types, what they are used for, and how to interpret the results. Each of the scan types includes screen shots of the output as well as an analysis of what occurred. It's like looking over an expert's shoulder and you're bound to learn more about NMAP more quickly by understanding the examples and applying them than simply trying the scan types on your own. Chapter 5 ends with a quick overview of optimizing NMAP scans, the topic of chapter 6.

By the time you reach chapter 7, Service and Application Version Detection and Remote OS Detection, and chapter 8, Remote OS Detection, you know you're heading into the guts of NMAP. Lyon's description of service and OS detection is deep and thorough. You don't need to know the gory details to use these NMAP features, but understanding how service and OS detection work will deepen your appreciation of what NMAP can do. Chapter 7 winds up with two examples: finding nonstandard applications on your network and finding open proxies. Chapter 8 describes a way to find wireless access points on a network, which are a common headache for IT administrators.

Chapter 9, NMAP Scripting Engine, provides an overview of NSE and a brief description of the scripts that ship with the NMAP program, as well as the NMAP application programming interface (API). Lyon then runs through a tutorial on writing NMAP scripts. Here again, Lyon provides source listings and explanations of the API and scripting features that are immediately useful.

Chapters 10 and 11 focus on detecting firewalls and intrusion-detection systems and on techniques to defend against NMAP scans. They are good reading for any IT and security administrator, and they come near the end of the book because they build on information presented earlier. Chapter 12 describes Zenmap, the NMAP GUI, if you're inclined to such things. The final chapters round out the book by describing the output formats and data files used by NMAP, with examples and explanations of their use.

On the cover page, Lyon promises to tell you how to use NMAP to solve real-world network security and network management tasks. He delivers on that promise with clear and concise text, screen shots, and examples. If you use NMAP, this is a must-have book.
