Nmap Network Scanning is the official guide to the Nmap Security
Scanner, a free and open source utility used by millions of people for
network discovery, administration, and security auditing. From
explaining port scanning basics for novices to detailing low-level
packet crafting methods used by advanced hackers, this book suits all
levels of security and networking professionals. A 42-page reference
guide documents every Nmap feature and option, while the rest of the
book demonstrates how to apply those features to quickly solve
real-world tasks. Examples and diagrams show actual communication on
Topics include subverting firewalls and intrusion detection systems,
optimizing Nmap performance, and automating common networking tasks
with the Nmap Scripting Engine. Hints and instructions are provided
for common uses such as taking network inventory, penetration testing,
detecting rogue wireless access points, and quashing network worm
outbreaks. Nmap runs on Windows, Linux, and Mac OS X.
Nmap's original author, Gordon “Fyodor” Lyon, wrote
this book to share everything he has learned about network scanning
during more than a decade of Nmap development. It was briefly the #1
selling computer book on Amazon
(screenshot). The book is in English, though several translations are in the works.
Key facts: The ISBN is 978-0-9799587-1-7 (ISBN-10 is 0-9799587-1-7)
and suggested retail prices are $49.95 in the U.S., £34.95 in
the U.K., and €39.95 in Europe. Like most books, it costs less
online (as little as $32.97 - see purchasing
options). It is 468 pages long. The official release date was
January 1, 2009, though Amazon managed to beat that by a couple weeks.
About half of the content is available in the
free online edition. Chapters exclusive to the print edition
include “Detecting and Subverting Firewalls and Intrusion
Detection Systems”, “Optimizing Nmap Performance”,
“Port Scanning Techniques and Algorithms”, “Host
Discovery (Ping Scanning)”, and more.
The solution selections which provide detailed
instructions on the best way to solve common networking tasks are also
exclusive to the printed book. The
final table of contents and cover art are available.
Reviews are posted here as they come in. Please let me know if you post a review to your blog or anywhere else.
“If you are looking for the book on Nmap, the search is over: NNS is a winner”—Richard Bejtlich's detailed review. NNS also made Bejtlich's Top Books of 2008 list.
“This is the ultimate Nmap reference guide” on “Nmap, the legendary network scanner”—Ben Rothke's Slashdot review.
“Released for sale on Amazon on December 6th and already number 1 best seller in the Computer books category, this is the MUST-HAVE book on network scanning.”—David Heath's review for ITWire.
“This is the most revealing technical book I've ever read about a security tool. Fyodor turns Nmap inside out to explain what it does, how it does it and why it was written that way. If you are looking for a definitive book on Nmap, this is it.”—Ethan Ten's 5-star Amazon UK review.
Nmap Network Scanning “is required reading for anyone securing a network” and “should be front and center on your desk for months and years to come”—Wireshark University founder Laura Chappell's glowing review.
“I am amazed that after all these years I still learn stuff about nmap. The book is good and you should buy it!”—David Maynor
NNS will “quickly become required reading for network engineers, system administrators, and anyone working in the computer security arena....I have been using nmap for nearly a decade and there were still some great tips and tricks that I found for the first time in these pages.”—Eddie Block's 5-star Amazon review.
“Nmap is simply a required
tool in the IT toolbox. Similarly, this book is required reading for
anyone in IT to get the most out of that tool.”—About.com network security expert Tony Bradley's detailed 5-star review.
“The book goes into the detail you would expect with the sort of information that true afficianadoes lust after” while being “easy and fun to read with great examples along the way”—David Pybus's 5-star Amazon UK review.
“Fyodor's absolute, incredibly definitive guide on
Nmap will imbue you with rock-solid scanning
NNS is “The wealth of information contained in this book will have even hardcore nmap experts learning a thing or two about the preeminent network scanner.”—Brad Berkemier's review, which also calls NNS “engaging and informative” and “the ultimate nmap guide”.
“Nmap Network Scanning is a masterpiece that teaches the reader the Art of Network Mapping and Scanning ... one of the best books I've read in years.”—Raul Siles' review.
This page lists online and physical bookstores for purchasing Nmap Network Scanning. If the prices change, you find another good option, or you encounter bad service from any of these providers, please let me know.
Several people asked whether Nmap Network Scanning
is still up to date, particularly after the release of Nmap 5.00. The good news is that virtually all of the
content remains accurate. But we have added some new features and
NSE scripts which aren't yet documented in NNS.
For a comprehensive and completely current view of Nmap, I
recommend reading Nmap Network Scanning first, then read all the
changelog entries we've produced since the book was finished. The
book is completely up-to-date with Nmap 4.76. So after (or before)
you're done reading Nmap Network Scanning, visit
the Nmap changelog and search
in the file for “Nmap 4.76”. Read each item upward from there
(scrolling backward) until you get to the top.
We would love to make the Nmap book more accessible by working with foreign publishers who will translate and distribute it in their markets. If you are such a publisher or know a good one to suggest, please let me know. Here are the current or in-progress translations:
December 10, 2008: Amazon has now indexed this book as part of
their “Search Inside” program. While Amazon intends this
as a marketing tool for prospective buyers, it can be even more useful
for folks who already own the book. While we're proud of our index,
Search Inside can help find more obscure terms or combinations of them. You can try this out by visiting
NNS page, scrolling down to the Search Inside box, and typing in a
term such as Trinity or Microsoft.
December 9, 2008: Sales were so high that Amazon ran out of stock in the US, UK, and Germany. They say it may take a week or more to ship. Amazon still offers a great price, but for those who can't wait, I've added a purchasing options section. It includes vendor such as A1Books and Barnes & Noble with NNS in stock now.
December 6, 2008: Amazon has fixed the price so it is now $33.71 rather than $49.95. NNS is in stock and shipping!
December 2, 2008: The book has an initial page on Amazon. You can pre-order it now, but Amazon is showing a pre-order price of $49.95. I expect the price to be about $33 when Amazon starts shipping it within a week or two. Amazon will probably refund the difference per their "Pre-order price guarantee", but it might be safer to wait. Book seller BOOKSPLUSMORESTUFF claims to have the book "in stock" on Amazon for $53.94 including shipping. That may or may not be true.
November 14, 2008: The book is finished and submitted to the
printer! The official release date is January 1, 2009, though our
goal is to make it available on Amazon and other retailers by
mid-December. To be notified upon publication, join the
announcement mailing list.
September 15, 2008: The Black Hat/Defcon pre-release was a huge
success! All of the Defcon copies were snapped up as soon as the
vendor room opened, and the Black Hat copies also sold out in the
first morning of the conference. Thanks to Bill Pollock of No Starch
Press and Dave Hemsath of BreakPoint Books for handling sales. My
conference presentation video and audio have
online just in time for
4.75 release which includes the new features discussed in that
July 25, 2008: Defcon Pre-Release announced! We have decided to
launch the book with a limited pre-release version at Defcon 16.
July 1, 2008: After years of work, Nmap Network Scanning is nearing completion. You can browse the current table of contents to see what is coming. We recently conducted a test-printing of some prepublication copies: