|
Nmap in the Enterprise: Your Guide to Network Scanning | 
 enlarge | Authors: Angela Orebaugh, Becky Pinkard
Publisher: Syngress
Category: Book
List Price: $59.95
Buy New: $43.16
You Save: $16.79 (28%)
New (24) Used (5) from $33.30
Avg. Customer Rating:  4 reviews
Sales Rank: 809955
Media: Paperback
Number Of Items: 1
Pages: 384
Shipping Weight (lbs): 1.2
Dimensions (in): 8.9 x 7.4 x 0.8
ISBN: 1597492418
Dewey Decimal Number: 005
EAN: 9781597492416
ASIN: 1597492418
Publication Date: January 14, 2008
Availability: Usually ships in 24 hours
|
| Similar Items:
|
| Editorial Reviews:
Product Description
Nmap, or Network Mapper, is a free, open source tool that is available under the GNU General Public License as published by the Free Software Foundation. It is most often used by network administrators and IT security professionals to scan corporate networks, looking for live hosts, specific services, or specific operating systems. Part of the beauty of Nmap is its ability to create IP packets from scratch and send them out utilizing unique methodologies to perform the above-mentioned types of scans and more. This book provides comprehensive coverage of all Nmap features, including detailed, real-world case studies.
Understand Network Scanning
Master networking and protocol fundamentals, network scanning techniques, common network scanning tools, along with network scanning and policies.
Get Inside Nmap
Use Nmap in the enterprise, secure Nmap, optimize Nmap, and master advanced Nmap scanning techniques.
Install, Configure, and Optimize Nmap
Deploy Nmap on Windows, Linux, Mac OS X, and install from source.
Take Control of Nmap with the Zenmap GUI
Run Zenmap, manage Zenmap scans, build commands with the Zenmap command wizard, manage Zenmap profiles, and manage Zenmap results.
Run Nmap in the Enterprise
Start Nmap scanning, discover hosts, port scan, detecting operating systems, and detect service and application versions
Raise those Fingerprints
Understand the mechanics of Nmap OS fingerprinting, Nmap OS fingerprint scan as an administrative tool, and detect and evade the OS fingerprint scan.
Tool around with Nmap
Learn about Nmap add-on and helper tools: NDiff--Nmap diff, RNmap--Remote Nmap, Bilbo, Nmap-parser.
Analyze Real-World Nmap Scans
Follow along with the authors to analyze real-world Nmap scans.
Master Advanced Nmap Scanning Techniques
Torque Nmap for TCP scan flags customization, packet fragmentation, IP and MAC address spoofing, adding decoy scan source IP addresses, add random data to sent packets, manipulate time-to-live fields, and send packets with bogus TCP or UDP checksums.
|
| Customer Reviews:
 Nmap for Dummies would have been a better title September 1, 2008
Wow. What a light weight book! I expect (and usually receive) MUCH better from Syngress. This book would make a good "Dummies" book, but it is way too lightweight for a security professional's use.
Editorially, the book is well written, and Syngress did its usual good job of finding all the typos. (I think I only saw one really glaring typo in the book.) Where Syngress fell down was on content review, and having someone review the book for an appropriate depth of content. Their marketing folks also greatly overhyped the content on the book's covers, giving the impression of in-depth content on topics that have only minimal coverage.
I purchased the book because it was advertised as having information on "Automate Tasks with the Nmap Scripting Engine." Yeah, 3 pages. Reading the description of the book, I would have expected great detail on the NSE, including how to write NSE scripts. Not a word of advise on how to do so. Not even an illustration showing a sample script.
The cover of the book also advertises "Analyze Real-World Scans and Examples." That lead me to expect to pick up new tips and tricks on using nmap's advanced scanning capabilities. I had hoped to find some examples of creating and interpreting advanced scans. Not a word on how to create and interpret anything more than trivial to basic scans.
I was also hoping to have see some detailed and in-depth information in the book about firewall testing and IDS evasion. Again, little to no content here.
If you have ever actually read the nmap man page, don't waste your money on this book. You would be better off reading some of the papers on Fyodor's (namp's creator) web site (http://nmap.org/docs.html) and save yourself $50. Or, save your money and buy Fyodor's book when it comes out 'any day now.'
I really have to wonder if the authors have ever even seen Fyodor talk on nmap at any of the security conferences. If they had, I would have thought that the book would have had a lot more depth than it did. Even his most basic talks have FAR more depth than this book.
I am really really disappointed in this book. Syngress should have had it reviewed by someone who is an advanced user of nmap. I cannot believe how little information there is in this book for anyone beyond a first time user.
I notice that one of the authors is working on her PhD. I hope she puts a lot more detail and depth into her dissertation than she did this book. Otherwise, I can guarantee her it would never make it out of committee.
An "Average" Nmap Book August 9, 2008
For a book that's roughly 200 pages long (and it's a smaller book in terms of overall dimensions--near "pamphlet" size) I was somewhat disappointed with the book. Many IT related books are far less expensive! The contents of the book matched much of the information found on Nmap's site (insecure.org). The number of URL links in this book (pointing to this site) made me feel like I should have saved my 40 bucks and gone straight to the website. If you're looking for comprehensive information on Nmap just buy Fyodor's/Insecure.org's book (which should be out in the next month). Of course, if you prefer to have your bank account 'hacked' (losing 40 some dollars) feel free to buy this book instead.
Basic introduction to Nmap with no real enterprise focus June 8, 2008
3 out of 3 found this review helpful
Initially I hoped Nmap in the Enterprise (NITE) would live up to its title. I was excited to see "Automate Tasks with the Nmap Scripting Engine (NSE)" on the cover, in addition to the "Enterprise" focus. It turns out that beyond a few command line options of which I was not previously aware, and some good info on interpreting OS fingerprinting output in Ch 6, I didn't learn much by reading NITE. If you are new to Nmap or network scanning you will probably like NITE, but if you want a real enterprise focus or information on NSE you will be disappointed.
If you're going to make "Enterprise" part of the title for NITE, I would expect more attention paid to one of the biggest problems in enterprise scanning: data management. You can scan all you want, but the real problem is doing something intelligent with the output. With about 21 pages of text, Ch 7 (Tooling Around With Nmap) is the closest NITE comes to saying something about managing Nmap output beyond the single, smallish scan scenario. Unfortunately, the chapter is not up to the task.
Some might consider it unfair to criticize the book if there really is no enterprise-quality Nmap support application available. If that is the case, I have two replies. First, change the focus. Second, implement that application, and include it in the book. If you think the second is too much work, consider my reviews of the Hacking Exposed titles on Wireless, VoIP, or Cisco. All three author teams wrote specific tools to address shortcomings in each of their subject areas, and then included them in their three books. Not all authors can do this, but that level of effort really contributes to an outstanding book.
Turning to NSE, I hoped to learn about how to use Lua scripting with Nmap. The section on NSE is less than three full pages (pp 116-118) and basically concludes with a reference to the Nmap home page for more information. In the one place where the newest book on Nmap could have differentiated itself from its predecessors (many other Syngress books, Osborne's Anti-Hacker Toolkit or Hacking Exposed, and so on), NITE avoids the issue.
Aside from these issues, NITE is a good book for those with basic or perhaps intermediate experience with Nmap. Most of the items I found useful could have been gleaned from the Nmap man page or changelog, but I'll mention a few here. P 96 shows using the --reason switch to give more detail on responses from targets. PP 97-99 show using the -sL switch for list scans and -PN as the replacement for -P0. Note that Table 4.2 says -sN replaces -P0; it should say -PN replaces -P0 due to confusion with -PO (used for Internet Protocol enumeration). I liked the --osscan-limit switch on p 111 to only perform OS identification against targets offering at least one open and one closed port. P 127 reminded me of runtime interaction commands, like v/V for verbosity, d/D for debugging, and p/P for packet tracing. P 129 demonstrated the value of using --log-errors.
Ch 6 (Nmap OS Fingerprinting) was my favorite chapter. I liked the explanation of the components of an OS fingerprint. I hadn't seen this so thoroughly explained elsewhere, although it might exist. Overall, I should mention that the book was much better written than the average Syngress title. I credit the two (and only) authors for this level of quality.
If you have no other references for Nmap, and you use the tool in limited engagements, you should buy this book. If you're looking for help with real enterprise use or advanced Nmap usage, keep looking. Perhaps a second edition will address these issues?
 Great Intro March 17, 2008
1 out of 1 found this review helpful
I've been using Nmap for a few years now as a basic scanner, not needing more that the little that I have needed it. This book give a great overview to the basics of nmap and good ways to log your scans. it's very current, they use nmap 4.50 in the book and 4.60 just came out so it's very current. For any network administrators out there that haven't used nmap or were scared of the command line, get this book. nmap is the best, you'll learn a great deal about using it in your network to map your network out. The authors show you how to log, do some assessment tests, scan, etc.
it's funny that ethereal/wireshark, snort...etc all have many books written about them, but there's only 2 that i know of for nmap, this one, Professor Messer has a whole site dedicated to nmap and he has written an ebook (also own it, great! and he has webinars). I know Fyodor is compiling a book but who knows when that'll be out.
Do yourself a favor if you administer any network, get this book because nmap will be your new best friend!!!
Great!
|
|
|
Copyright 2008 - RailroadBookstore.com
| |
