Nmap Technical Manual

By now, most infosec pros have heard of Nmap, and most would agree that even though the popular freeware tool is invaluable, installing, configuring and running it in the enterprise is no easy task. With that in mind, SearchSecurity.com, in collaboration with security expert Michael Cobb, has produced an Nmap Tutorial, detailing how this free tool can help make your organization more secure.

Nmap is a well-known open source tool that has found a home in the hearts of hackers, both white and black alike. Though it was first created in the late 1990s, it leapt into the pop culture consciousness in 2003 when, in the motion picture The Matrix Reloaded, the character Trinity made use of Nmap to disable an electrical plant's security measures, taking down the local power grid.

In real life, it's most often used to locate available hosts and services on a network, determine the operating systems and versions utilized by machines on a network and pinpoint a network's open ports. While it's a valuable tool used by security pros for performing a network inventory or a vulnerability assessment, some fear that a Maxtix-like scenario is not as far fetched as it seems, as it is also a tool in some malicious hackers' arsenals, used to help find open ports running services vulnerable to attack.

In collaboration with security expert Michael Cobb, SearchSecurity.com has produced an Nmap Tutorial, offering up all the guidance information security professionals need to learn how to install, configure, run and evaluate Nmap in the enterprise, both on Windows and Linux platforms. Browse through the technical tips below and learn how this free tool can help make your organization more secure.


NMAP TECHNICAL MANUAL

  Introduction
  Nmap: A valuable open source tool for network security
  How to install and configure Nmap for Windows
  How to Install and configure Nmap on Linux
  How to scan ports and services
  More port scanning techniques
  Firewall configuration testing
  Techniques for improving Nmap scan times
  How to interpret and act on Nmap scan results
  Nmap parsers and interfaces
  Nmap and the open source debate

About the author:
Michael Cobb, CISSP-ISSAP is the founder and managing director of Cobweb Applications Ltd., a consultancy that offers IT training and support in data security and analysis. He co-authored the book IIS Security and has written numerous technical articles for leading IT publications. Mike is the guest instructor for SearchSecurity's Web Security School and, as a SearchSecurity.com site expert, answers user questions on application and platform security.

Read more on IT risk management