Nmap Network Scanning is the official guide to the Nmap Security
Scanner, a free and open source utility used by millions of people for
network discovery, administration, and security auditing. From
explaining port scanning basics for novices to detailing low-level
packet crafting methods used by advanced hackers, this book suits all
levels of security and networking professionals. A 42-page reference
guide documents every Nmap feature and option, while the rest of the
book demonstrates how to apply those features to quickly solve
real-world tasks. Examples and diagrams show actual communication on
Topics include subverting firewalls and intrusion detection systems,
optimizing Nmap performance, and automating common networking tasks
with the Nmap Scripting Engine. Hints and instructions are provided
for common uses such as taking network inventory, penetration testing,
detecting rogue wireless access points, and quashing network worm
outbreaks. Nmap runs on Windows, Linux, and Mac OS X.
Nmap's original author, Gordon “Fyodor” Lyon, wrote
this book to share everything he has learned about network scanning
during more than a decade of Nmap development. It was briefly the #1
selling computer book on Amazon
(screenshot). The book is in English, though several translations are in the works.
Key facts: The ISBN is 978-0-9799587-1-7 (ISBN-10 is 0-9799587-1-7)
and suggested retail prices are $49.95 in the U.S., £34.95 in
the U.K., and €39.95 in Europe. Like most books, it costs less
online (as little as $32.97 - see purchasing
options). It is 468 pages long. The official release date was
January 1, 2009, though Amazon managed to beat that by a couple weeks.
About half of the content is available in the
free online edition. Chapters exclusive to the print edition
include “Detecting and Subverting Firewalls and Intrusion
Detection Systems”, “Optimizing Nmap Performance”,
“Port Scanning Techniques and Algorithms”, “Host
Discovery (Ping Scanning)”, and more.
The solution selections which provide detailed
instructions on the best way to solve common networking tasks are also
exclusive to the printed book. The
final table of contents and cover art are available.
Reviews are posted here as they come in. Please let me know if you post a review to your blog or anywhere else.
- “If you are looking for the book on Nmap, the search is over: NNS is a winner”—Richard Bejtlich's detailed review. NNS also made Bejtlich's Top Books of 2008 list.
- “This is the ultimate Nmap reference guide” on “Nmap, the legendary network scanner”—Ben Rothke's Slashdot review.
- “Released for sale on Amazon on December 6th and already number 1 best seller in the Computer books category, this is the MUST-HAVE book on network scanning.”—David Heath's review for ITWire.
- “This is the most revealing technical book I've ever read about a security tool. Fyodor turns Nmap inside out to explain what it does, how it does it and why it was written that way. If you are looking for a definitive book on Nmap, this is it.”—Ethan Ten's 5-star Amazon UK review.
- “Some light reading”—Metasploit author HD Moore.
- Nmap Network Scanning “is required reading for anyone securing a network” and “should be front and center on your desk for months and years to come”—Wireshark University founder Laura Chappell's glowing review.
- NNS is “a must-have book to get the most out of NMAP”, filled with examples and analysis that are “like looking over an expert's shoulder”—Mike Fratto's glowing and informative Information Week review.
- “I am amazed that after all these years I still learn stuff about nmap. The book is good and you should buy it!”—David Maynor
- NNS will “quickly become required reading for network engineers, system administrators, and anyone working in the computer security arena....I have been using nmap for nearly a decade and there were still some great tips and tricks that I found for the first time in these pages.”—Eddie Block's 5-star Amazon review.
- “Nmap is simply a required
tool in the IT toolbox. Similarly, this book is required reading for
anyone in IT to get the most out of that tool.”—About.com network security expert Tony Bradley's detailed 5-star review.
- “The book goes into the detail you would expect with the sort of information that true afficianadoes lust after” while being “easy and fun to read with great examples along the way”—David Pybus's 5-star Amazon UK review.
- “I would recommend this as a must-have book for any network or security professional, as well as anyone wanting to learn more about TCP/IP”—JP Bourget's very detailed Ethical Hacker Network review.
- Fyodor does an outstanding job covering everything from the most basic use of nmap, through advanced topics, such as evading detection”—Jon R. Kibler's enthusiastic review on the pen-test list.
- “Fyodor's absolute, incredibly definitive guide on
Nmap will imbue you with rock-solid scanning
- NNS is “The wealth of information contained in this book will have even hardcore nmap experts learning a thing or two about the preeminent network scanner.”—Brad Berkemier's review, which also calls NNS “engaging and informative” and “the ultimate nmap guide”.
- “Nmap Network Scanning is a masterpiece that teaches the reader the Art of Network Mapping and Scanning ... one of the best books I've read in years.”—Raul Siles' review.
- Foreign Coverage: Barrapunto (Spanish), Tecnozona (Spanish), Binary Zone (Arabic)
This page lists online and physical bookstores for purchasing Nmap Network Scanning. If the prices change, you find another good option, or you encounter bad service from any of these providers, please let me know.
Several people asked whether Nmap Network Scanning
is still up to date, particularly after the release of Nmap 5.00. The good news is that virtually all of the
content remains accurate. But we have added some new features and
NSE scripts which aren't yet documented in NNS.
For a comprehensive and completely current view of Nmap, I
recommend reading Nmap Network Scanning first, then read all the
changelog entries we've produced since the book was finished. The
book is completely up-to-date with Nmap 4.76. So after (or before)
you're done reading Nmap Network Scanning, visit
the Nmap changelog and search
in the file for “Nmap 4.76”. Read each item upward from there
(scrolling backward) until you get to the top.
We would love to make the Nmap book more accessible by working with foreign publishers who will translate and distribute it in their markets. If you are such a publisher or know a good one to suggest, please let me know. Here are the current or in-progress translations:
August 26: Many Barnes & Noble stores now stock NNS, as described in the purchasing section.
August 26: Editora Ciência Moderna released the Brazilian Portuguese translation. See translations.
July 31: Held a book signing at Defcon. All copies sold out in 3 hours.
July 17: Added Updates section.
July 16: Nmap 5.00 released!
June 11: The German translation from Open Source Press is now available. They also contributed back a German translation of the Nmap Reference Guide.
January 30: Today the Amazon price is back to $32.97 after several days at $37.96. I hope they keep it at this price!
January 23: Amazon has raised their prices, so I've added more purchase options, though the cheapest is still only about $4.50 less than Amazon when domestic shipping is taken into account.
January 21: NNS receives a glowing review from About.Com.
January 19: Translation contracts have been signed for Korean and Brazilian Portuguese editions of Nmap Network Scanning! See the new Translations section for details.
January 5: Acorn Publishing Co. will be publishing the official Korean translation of Nmap Network Scanning! Release is expected in August.
January 4: NNS is finally in stock at Amazon U.K. and Amazon Germany. Amazon Canada currently still has a 1-3 week backlog.
December 31, 2008: NNS makes Richard Bejtlich's TaoSecurity Top Books of 2008 list.
December 29, 2008: A new Information Week review is one of the best so far!
December 19, 2008: The book is back in stock on Amazon after a 10 day dry spell!
December 10, 2008: Amazon has now indexed this book as part of
their “Search Inside” program. While Amazon intends this
as a marketing tool for prospective buyers, it can be even more useful
for folks who already own the book. While we're proud of our index,
Search Inside can help find more obscure terms or combinations of them. You can try this out by visiting
NNS page, scrolling down to the Search Inside box, and typing in a
term such as Trinity or Microsoft.
December 9, 2008: Sales were so high that Amazon ran out of stock in the US, UK, and Germany. They say it may take a week or more to ship. Amazon still offers a great price, but for those who can't wait, I've added a purchasing options section. It includes vendor such as A1Books and Barnes & Noble with NNS in stock now.
December 9, 2008: Nmap Network Scanning sales surge further to become #1 on Amazon's computer book best seller list! Since we can't keep that rank forever, I took a screenshot (larger version).
December 8, 2008:
Slashdot review causes NNS to rocket into Amazon's top 10 computer books.
December 6, 2008: Amazon has fixed the price so it is now $33.71 rather than $49.95. NNS is in stock and shipping!
December 2, 2008: The book has an initial page on Amazon. You can pre-order it now, but Amazon is showing a pre-order price of $49.95. I expect the price to be about $33 when Amazon starts shipping it within a week or two. Amazon will probably refund the difference per their "Pre-order price guarantee", but it might be safer to wait. Book seller BOOKSPLUSMORESTUFF claims to have the book "in stock" on Amazon for $53.94 including shipping. That may or may not be true.
November 14, 2008: The book is finished and submitted to the
printer! The official release date is January 1, 2009, though our
goal is to make it available on Amazon and other retailers by
mid-December. To be notified upon publication, join the
announcement mailing list.
September 15, 2008: The Black Hat/Defcon pre-release was a huge
success! All of the Defcon copies were snapped up as soon as the
vendor room opened, and the Black Hat copies also sold out in the
first morning of the conference. Thanks to Bill Pollock of No Starch
Press and Dave Hemsath of BreakPoint Books for handling sales. My
conference presentation video and audio have
online just in time for
4.75 release which includes the new features discussed in that
July 25, 2008: Defcon Pre-Release announced! We have decided to
launch the book with a limited pre-release version at Defcon 16.
July 1, 2008: After years of work, Nmap Network Scanning is nearing completion. You can browse the current table of contents to see what is coming. We recently conducted a test-printing of some prepublication copies:
For the latest news about the Nmap book, join the low-traffic nmap-hackers announcement mailing list