I just got back from a 9-day tour of various western USA places such as the Grand Tetons, Yellowstone, Kodachrome, and Zion National Park. Along the way, I busted my travel laptop, so I haven't been updating this blog. But now that I'm home again, I can post this Book Report for Nmap Network Scanning.
I bought this book because it was an Amazon recommendation. This taught me... to be skeptical of Amazon recommendations.
nmap is a computer security tool. Or a computer hacking tool. It's a port scanner. That is, if there are a bunch of machines on a network, each of which might be listening on one or more ports, this tool will scan each of those ports on each of those machines, reporting back on who was listening.
nmap is especially interesting because it's set up as a framework; it's pretty easy to add new ways to scan. E.g., if you don't want those other machines to know where all of these network probes are coming from, nmap can take advantage of an idle server. nmap crafts network packets to look like they came from the idle server and sends those packets to the target machine. The target machine "responds" by sending information back to the idle server. (Maybe the target's sysadmin gets suspicious—but they might blame the idle server.) A little while later, nmap asks the idle server if it's seen any packets lately. Since the idle server is usually idle, probably the only packets it sees are stuff from the target machine. Neat: TCP Idle Scan. Normally, you'd expect to have to set up a separate program for this, but nmap has it as just another way to scan.
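To make the idle-scan trick above concrete, here is a toy model I've added (it is not code from the book or from nmap): nothing touches a network, three small objects stand in for the scanner, the idle "zombie" host and the target, and the only thing modelled is the IP ID counter that lets the idle server leak the target's answer. It assumes the zombie uses one global IP ID counter that grows by one per packet it sends, which is exactly the weakness that randomised or per-destination IP IDs on modern systems remove.

```python
# Toy model of the TCP Idle Scan described above: an added illustration, not code
# from the book or from nmap. Nothing is sent on a network; three objects stand in
# for the scanner, the idle "zombie" host and the target, and only the IP ID
# counter that makes the technique work is modelled.
# Assumption: the zombie uses one global IP ID counter that grows by 1 per packet
# it sends. Hosts with randomised or per-destination IP IDs (most modern OSes)
# do not leak this, which is the defensive fix.


class IdleHost:
    """The idle 'zombie': every packet it emits consumes one IP ID."""

    def __init__(self, start_ipid=1000):
        self.ipid = start_ipid

    def receive(self, segment):
        # An unsolicited SYN/ACK is answered with a RST (one packet, IP ID +1).
        # An unsolicited RST is dropped silently, so the IP ID does not move.
        if segment == "SYN/ACK":
            self.ipid += 1


class Target:
    """The scanned host: open ports answer SYN with SYN/ACK, closed ones with RST."""

    def __init__(self, open_ports):
        self.open_ports = set(open_ports)

    def handle_syn(self, port, reply_to):
        reply_to.receive("SYN/ACK" if port in self.open_ports else "RST")


def probe_zombie(zombie):
    """Scanner makes the zombie send one packet and reads the IP ID it used."""
    zombie.receive("SYN/ACK")
    return zombie.ipid


def idle_scan_port(zombie, target, port):
    """Classify one target port using only what the zombie's IP ID reveals."""
    before = probe_zombie(zombie)
    # The scanner's SYN carries the zombie's address, so the target answers the zombie.
    target.handle_syn(port, reply_to=zombie)
    after = probe_zombie(zombie)
    # open: zombie replied RST to the SYN/ACK (+1) plus our probe (+1) -> 2
    # closed: zombie ignored the RST (+0) plus our probe (+1) -> 1
    return "open" if after - before == 2 else "closed"
```

The scanner never sees a packet from the target itself; the whole answer is the size of the jump in the zombie's IP ID, which is why a host with predictable IP IDs is the thing to fix on the defending side.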
There's interesting stuff in this book, but I won't use it. I didn't finish it. I'm not a network security administrator. I'm not trying to break into computers, either. nmap is a pretty feature-rich program, and I'm too lazy to learn a bunch of features that I'll never get around to using.