Intended Audience and Organization

This book documents the free Nmap Security Scanner, from port
scanning basics for novices to the types of packet crafting used by
advanced hackers. It should benefit Nmap users (or potential users)
of all experience levels.

Starting with the basics, this book gives an overview of Nmap by
example in Chapter 1. Then Chapter 2 covers obtaining, compiling and
installing Nmap. Chapters 3 through 5 cover features in the order you
might use them when conducting a penetration test. First comes host
discovery (“ping scanning”), which determines the
available hosts on a network. Next, port scanning is covered in
depth. In Chapter 5, all the Nmap scanning techniques are detailed,
with advice and examples. Scanning a large network can take a long
time, so Chapter 6 is full of performance optimization advice.
Chapter 7 details service and application version detection, in which
Nmap queries ports to determine exactly what is running rather than
simply guessing based on the port number. Chapter 8 covers one of
Nmap's most loved features: remote OS detection. Chapter 9 details
one of Nmap's newest features: the Nmap Scripting Engine. NSE allows
users and developers to easily extend Nmap with new features by
writing simple scripts to be efficiently executed against target
machines. My favorite chapter is number 10: Detecting and
Subverting Firewalls and Intrusion Detection Systems. For
balance, that is followed by a chapter on defending against Nmap
scans. Chapter 12 then fully documents the Zenmap multi-platform Nmap
GUI and results viewer. The next two chapters cover output formats
and data files. The final and longest chapter is the Nmap
Reference Guide, a quick resource for looking up specific
Nmap options.

Scattered throughout the book are detailed instructions for
performing common tasks such as scanning a network for a certain
single open TCP port or detecting wireless access points by scanning
from the wired side. First, each problem is described, then an
effective solution is provided. A final discussion section describes
the solution in more depth and may provide alternative solutions and
insights into similar problems.