Nmap Technical Guide

In real life, it's most often used to locate available hosts and services on a network, determine the operating systems and versions utilized by machines on a network and pinpoint a network's open ports. While it's a valuable tool used by security pros for performing a network inventory or a vulnerability assessment, some fear that a Maxtix-like scenario is not as far fetched as it seems, as it is also a tool in some malicious hackers' arsenals, used to help find open ports running services vulnerable to attack.

In collaboration with security expert Michael Cobb, SearchSecurity.com has produced an Nmap Technical Guide, offering up all the guidance information security professionals need to install, configure, run and evaluate Nmap in the enterprise, both on Windows and Linux platforms. Browse through the technical tips below and learn how this free tool can help make your organization more secure.

NMAP TECHNICAL GUIDE

  Introduction
  Nmap: A valuable open source tool for network security
  Installing and configuring Nmap on Windows
  Installing and configuring Nmap on Linux
  Scanning ports and services
  Nmap: More port scanning techniques
  Firewall configuration testing
  Techniques for improving scan times
  Interpreting and acting on Nmap results
  Nmap parsers and interfaces
  Nmap and the open source debate

About the author:
Michael Cobb, CISSP-ISSAP is the founder and managing director of Cobweb Applications Ltd., a consultancy that offers IT training and support in data security and analysis. He co-authored the book IIS Security and has written numerous technical articles for leading IT publications. Mike is the guest instructor for SearchSecurity's Web Security School and, as a SearchSecurity.com site expert, answers user questions on application and platform security.

This Technical Guide originally appeared on SearchSecurity.com.

Rate this Tip To rate tips, you must be a member of SearchSAP.com. Register now to start rating these tips. Log in if you are already a member. Digg This!     StumbleUpon     Del.icio.us    RELATED CONTENT Web Security Top 10 SAP tips of 2007 Privacy and your offshore operations Managed security services: What's right for you? Security buying in five easy steps Data management podcast briefing: Trends in data governance, with Gwen Thomas Data destruction Effectively using vulnerability management data SAP Security Learning Guide Eliminating spam with SpamAssassin, DSPAM and ClamAV SAP authorizations SAP security Assigning roles to all users in a group On The Spot: Mario Linkies on SAP security SAP delivers Web services for GRC integration Oracle and SAP square off on application security SAP security: Special Report Security Metrics, chapter 6: 'Visualization' Podcast: SOA and Web services security for SAP and Oracle What is the process for resetting a DDIC password? Blocking a material type in Transaction MM01 SAP security What You Can Do Managed security services: What's right for you? Security buying in five easy steps Systems management checklist: Software upgrades Dealing with backup server instability Mobile policies: Secure your corporate data with acceptable use policies RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary DISCLAIMER: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.