Nmap Network Scanning
Nmap Network Scanning is the official guide to the Nmap Security Scanner, a free and open source utility used by millions of people for network discovery, administration, and security auditing. From explaining port scanning basics for novices to detailing low-level packet crafting methods used by advanced hackers, this book suits all levels of security and networking professionals. A 42-page reference guide documents every Nmap feature and option, while the rest of the book demonstrates how to apply those features to quickly solve real-world tasks. Examples and diagrams show actual communication on the wire.
Topics include subverting firewalls and intrusion detection systems, optimizing Nmap performance, and automating common networking tasks with the Nmap Scripting Engine. Hints and instructions are provided for common uses such as taking network inventory, penetration testing, detecting rogue wireless access points, and quashing network worm outbreaks. Nmap runs on Windows, Linux, and Mac OS X.
Nmap's original author, Gordon “Fyodor” Lyon, wrote this book to share everything he has learned about network scanning during more than a decade of Nmap development. It was briefly the #1 selling computer book on Amazon (screenshot). The book is in English, though several translations are in the works.
Key facts: The ISBN is 978-0-9799587-1-7 (ISBN-10 is 0-9799587-1-7) and suggested retail prices are $49.95 in the U.S., £34.95 in the U.K., and €39.95 in Europe. Like most books, it costs less online (as little as $32.97 - see purchasing options). It is 468 pages long. The official release date was January 1, 2009, though Amazon managed to beat that by a couple weeks.
About half of the content is available in the free online edition. Chapters exclusive to the print edition include “Detecting and Subverting Firewalls and Intrusion Detection Systems”, “Optimizing Nmap Performance”, “Port Scanning Techniques and Algorithms”, “Host Discovery (Ping Scanning)”, and more. The solution selections which provide detailed instructions on the best way to solve common networking tasks are also exclusive to the printed book. The final table of contents and cover art are available.
Reviews are posted here as they come in. Please let me know if you post a review to your blog or anywhere else. Nmap Network Scanning has a 4.8-star rating with 314 reviews on Amazon.com as of February 2022.
- “If you are looking for the book on Nmap, the search is over: NNS is a winner”—Richard Bejtlich's detailed review. NNS also made Bejtlich's Top Books of 2008 list.
- “This is the ultimate Nmap reference guide” on “Nmap, the legendary network scanner”—Ben Rothke's Slashdot review.
- “Released for sale on Amazon on December 6th and already number 1 best seller in the Computer books category, this is the MUST-HAVE book on network scanning.”—David Heath's review for ITWire.
- “This is the most revealing technical book I've ever read about a security tool. Fyodor turns Nmap inside out to explain what it does, how it does it and why it was written that way. If you are looking for a definitive book on Nmap, this is it.”—Ethan Ten's 5-star Amazon UK review.
- “Some light reading”—Metasploit author HD Moore.
- Nmap Network Scanning “is required reading for anyone securing a network” and “should be front and center on your desk for months and years to come”—Wireshark University founder Laura Chappell's glowing review.
- NNS is “a must-have book to get the most out of NMAP”, filled with examples and analysis that are “like looking over an expert's shoulder”—Mike Fratto's glowing and informative Information Week review.
- “I am amazed that after all these years I still learn stuff about nmap. The book is good and you should buy it!”—David Maynor
- NNS will “quickly become required reading for network engineers, system administrators, and anyone working in the computer security arena....I have been using nmap for nearly a decade and there were still some great tips and tricks that I found for the first time in these pages.”—Eddie Block's 5-star Amazon review.
- “Nmap is simply a required tool in the IT toolbox. Similarly, this book is required reading for anyone in IT to get the most out of that tool.”—About.com network security expert Tony Bradley's detailed 5-star review.
- “The book goes into the detail you would expect with the sort of information that true afficianadoes lust after” while being “easy and fun to read with great examples along the way”—David Pybus's 5-star Amazon UK review.
- “I would recommend this as a must-have book for any network or security professional, as well as anyone wanting to learn more about TCP/IP”—JP Bourget's very detailed Ethical Hacker Network review.
- Fyodor does an outstanding job covering everything from the most basic use of nmap, through advanced topics, such as evading detection”—Jon R. Kibler's enthusiastic review on the pen-test list.
- “Fyodor's absolute, incredibly definitive guide on Nmap will imbue you with rock-solid scanning stratagems”—Josef Chamberlin's 5-star Amazon review.
- “The wealth of information contained in this book will have even hardcore nmap experts learning a thing or two about the preeminent network scanner.”—Brad Berkemier's review, which also calls NNS “engaging and informative” and “the ultimate nmap guide”.
- “Nmap Network Scanning is a masterpiece that teaches the reader the Art of Network Mapping and Scanning ... one of the best books I've read in years.”—Raul Siles' review.
Foreign Coverage: Barrapunto (Spanish), Tecnozona (Spanish), Binary Zone (Arabic)
This page lists online and physical bookstores for purchasing Nmap Network Scanning. If the prices change, you find another good option, or you encounter bad service from any of these providers, please let me know.
- Amazon.Com sells the book for $32.97, which includes domestic shipping. It is also available from International Amazon sites such as Amazon.Co.UK, Amazon.CA, and Amazon.DE.
- Barnes & Noble stocks NNS at many of their U.S. stores. From their Nmap Network Scanning page, enter your zip code in the "pick me up" box on the right hand side for a list of nearby stores which carry it. You can also order it online from that page, though it is cheaper at Amazon.
- KIMBooks lists NNS for $29.97. Domestic (U.S.) shipping is $3.15, for a total price of $33.12.
- A1Books.Com lists the book for $30.32. Shipping is $3.95 to the US (total price: $34.27) or $8.99 international (total: $39.31). Save an additional 5% if you sign up with a .edu email address.
- Tower Books sells NNS for $35.99 with free domestic shipping.
- Germans can purchase the book online from Lehmanns or at their physical bookstores in Berlin and Hamburg (call first to ensure stocking).
Several people asked whether Nmap Network Scanning is still up to date, particularly after the release of Nmap 5.00. The good news is that virtually all of the content remains accurate. But we have added some new features and NSE scripts which aren't yet documented in NNS.
For a comprehensive and completely current view of Nmap, I recommend reading Nmap Network Scanning first, then read all the changelog entries we've produced since the book was finished. The book is completely up-to-date with Nmap 4.76. So after (or before) you're done reading Nmap Network Scanning, visit the Nmap changelog and search in the file for “Nmap 4.76”. Read each item upward from there (scrolling backward) until you get to the top.
We would love to make the Nmap book more accessible by working with foreign publishers who will translate and distribute it in their markets. If you are such a publisher or know a good one to suggest, please let me know. Here are the current or in-progress translations:
- Nmap - Netzwerke scannen, analysieren und absichern is the German translation by Open Source Press, released in June 2009 at a list price of €39.90. Translation was performed expertly by Dinu Gherman. They have contributed back their Nmap Reference Guide German translation.
- Exame de Redes com NMAP is the Brazilian Portuguese translation by Editora Ciência Moderna. Translation was done by Angico and release was August 26, 2009. You can buy it directly from the publisher for R$95.20.
- The official Korean translation, entitled 엔맵 네트워크 스캐닝, has been created by Acorn Publishing Co. The release date was November 16, 2009 at a list price of KRW 35,000.
August 26: Many Barnes & Noble stores now stock NNS, as described in the purchasing section.
August 26: Editora Ciência Moderna released the Brazilian Portuguese translation. See translations.
July 31: Held a book signing at Defcon. All copies sold out in 3 hours.
July 17: Added Updates section.
July 16: Nmap 5.00 released!
June 11: The German translation from Open Source Press is now available. They also contributed back a German translation of the Nmap Reference Guide.
January 30: Today the Amazon price is back to $32.97 after several days at $37.96. I hope they keep it at this price!
January 23: Amazon has raised their prices, so I've added more purchase options, though the cheapest is still only about $4.50 less than Amazon when domestic shipping is taken into account.
January 21: NNS receives a glowing review from About.Com.
January 19: Translation contracts have been signed for Korean and Brazilian Portuguese editions of Nmap Network Scanning! See the new Translations section for details.
January 5: Acorn Publishing Co. will be publishing the official Korean translation of Nmap Network Scanning! Release is expected in August.
January 4: NNS is finally in stock at Amazon U.K. and Amazon Germany. Amazon Canada currently still has a 1-3 week backlog.
December 31, 2008: NNS makes Richard Bejtlich's TaoSecurity Top Books of 2008 list.
December 29, 2008: A new Information Week review is one of the best so far!
December 19, 2008: The book is back in stock on Amazon after a 10 day dry spell!
December 10, 2008: Amazon has now indexed this book as part of their “Search Inside” program. While Amazon intends this as a marketing tool for prospective buyers, it can be even more useful for folks who already own the book. While we're proud of our index, Search Inside can help find more obscure terms or combinations of them. You can try this out by visiting the Amazon NNS page, scrolling down to the Search Inside box, and typing in a term such as Trinity or Microsoft.
December 9, 2008: Sales were so high that Amazon ran out of stock in the US, UK, and Germany. They say it may take a week or more to ship. Amazon still offers a great price, but for those who can't wait, I've added a purchasing options section. It includes vendor such as A1Books and Barnes & Noble with NNS in stock now.
December 9, 2008: Nmap Network Scanning sales surge further to become #1 on Amazon's computer book best seller list! Since we can't keep that rank forever, I took a screenshot (larger version).
December 8, 2008: An excellent Slashdot review causes NNS to rocket into Amazon's top 10 computer books.
December 6, 2008: Amazon has fixed the price so it is now $33.71 rather than $49.95. NNS is in stock and shipping!
December 2, 2008: The book has an initial page on Amazon. You can pre-order it now, but Amazon is showing a pre-order price of $49.95. I expect the price to be about $33 when Amazon starts shipping it within a week or two. Amazon will probably refund the difference per their "Pre-order price guarantee", but it might be safer to wait. Book seller BOOKSPLUSMORESTUFF claims to have the book "in stock" on Amazon for $53.94 including shipping. That may or may not be true.
November 14, 2008: The book is finished and submitted to the printer! The official release date is January 1, 2009, though our goal is to make it available on Amazon and other retailers by mid-December. To be notified upon publication, join the low-traffic nmap-hackers announcement mailing list.
September 15, 2008: The Black Hat/Defcon pre-release was a huge success! All of the Defcon copies were snapped up as soon as the vendor room opened, and the Black Hat copies also sold out in the first morning of the conference. Thanks to Bill Pollock of No Starch Press and Dave Hemsath of BreakPoint Books for handling sales. My conference presentation video and audio have been posted online just in time for the Nmap 4.75 release which includes the new features discussed in that presentation.
July 25, 2008: Defcon Pre-Release announced! We have decided to launch the book with a limited pre-release version at Defcon 16.
July 1, 2008: After years of work, Nmap Network Scanning is nearing completion. You can browse the current table of contents to see what is coming. We recently conducted a test-printing of some prepublication copies:
For the latest news about the Nmap book, join the low-traffic nmap-hackers announcement mailing list