REVIEW: "Nmap Network Scanning", Gordon Lyon

Rob Slade, doting grandpa of Ryan and Trevor

Apr 28, 2009, 6:20:26 PM
BKNMAPNS.RVW 20090118

"Nmap Network Scanning", Gordon Lyon, 2009, 978-0-9799587-1-7, U$49.95
%A Gordon Lyon fyo...@insecure.org http://nmap.org/book
%C 370 Altair Way #113, Sunnyvale, CA 94086
%D 2009
%G 978-0-9799587-1-7 0-9799587-1-7
%I Nmap Security Scanner Project
%O U$49.95
%O http://www.amazon.com/exec/obidos/ASIN/0979958717/robsladesinterne
http://www.amazon.co.uk/exec/obidos/ASIN/0979958717/robsladesinte-21
%O http://www.amazon.ca/exec/obidos/ASIN/0979958717/robsladesin03-20
%O Audience i+ Tech 2 Writing 2 (see revfaq.htm for explanation)
%P 468 p.
%T "Nmap Network Scanning"

Nobody who is involved in network administration or security needs any
introduction to Nmap, the most widely used network mapping tool. The
preface to this book states that it is full documentation (as could be
expected from the creator of the utility), intended for Nmap users at
all levels. In addition to the features and functions of the program,
the work covers general tasks and applications in real world
conditions and environments.

Even if you are not familiar with Nmap, chapter one is a presentation
of the uses of the program (in a couple of fictional, and one real,
settings). For those with limited background there are useful outside
references, guides, and tools listed, but even with these resources
not all of the cases presented are clear. There is an interesting
discussion of the legality or advisability of port scanning, and a
brief version history of Nmap. Chapter two covers installation and
options for various operating systems. Host discovery, in chapter
three, uses Nmap as well as some other tools. The examples are
outlined clearly, but not always fully explained (particularly for
non-Nmap utilities). The text is not always transparent upon initial
reading, but some work and diligence in looking up references (often
within the book itself) will usually clarify matters. A brief
introduction to ports starts off the material on port scanning, in
chapter four, which then lists basic Nmap options. Chapter five
describes a number of more advanced patterns, useful for determining
additional information not immediately available or obvious in normal
traffic (or sometimes obfuscated). Some ideas for optimising Nmap
performance are listed in chapter six. Chapter seven explains options
related to determining what applications are running on a system,
along with two examples. Similarly, chapter eight deals with
identification and resolution of operating systems.

Chapter nine explains the Nmap Scripting Engine (NSE) structures,
language, and options, in a usably detailed fashion. Activities
specific to detecting and evading firewalls and IDSs (Intrusion
Detection Systems) are covered in chapter ten. It is, therefore, only
fair play that chapter eleven deals with issues of detecting and
protecting against Nmap and other scanning tools being used to explore
or penetrate a system.

Chapter twelve describes the Zenmap user interface which can be added
as a front end to Nmap. Output and reporting options are reviewed in
chapter thirteen. Nmap data files, and the customization they can
provide, are explained in chapter fourteen. Chapter fifteen is a
reference guide summary of the command line options: a printed version
of the Nmap man page.

Lyon fundamentally fulfills his objective. This is comprehensive
documentation for the utility: in addition, it demonstrates how the
tool can be used effectively in the real world. In some places the
author has been a little too cute in an attempt to inject humour: in
other sections the text is demanding and could have been written more
clearly. However, the guide is solidly written, overall, and useful
for pretty much any network analyst or network security analyst.

copyright Robert M. Slade, 2009 BKNMAPNS.RVW 20090118

--
======================
rsl...@vcn.bc.ca sl...@victoria.tc.ca rsl...@computercrime.org
"Dictionary of Information Security," Syngress 1597491152
http://blogs.securiteam.com/index.php/archives/author/p1/
http://blog.isc2.org/isc2_blog/slade/index.html
http://twitter.com/rslade
============= for back issues:
[Base URL] site http://victoria.tc.ca/techrev/
CISSP refs: [Base URL]mnbksccd.htm
Book reviews: [Base URL]mnbk.htm
Review mailing list: send mail to techbooks...@egroups.com
or techbooks...@topica.com
