Sunday, February 22, 2009

Nmap: article 200901

Below is a nice video and some great links that can help you wade into using Nmap.



Nmap (nmap.org), created by Fyodor, is one of my favorite tools for everything from pen-testing to network inventory, and the price is right: free. I find it helpful for discovering nodes on a network, and if you come across something interesting, it's helpful for determining what that node could possibly be.
Some examples of handy commands:




"nmap -O " - This gives me a list of possible open ports and a solid guess as to what OS is running. A nice, simple evaluation to make sure nothing more is open than should be.



"nmap -sP -PP " - This is useful when scanning a range that may be behind a firewall and you receive false information. The -sP goes no further than ping; this is handy for me when I want to just pipe the output to a file that I later edit to have a list of host names, if they resolve, and IPs. The -PP sends a timestamp request as opposed to the typical echo request.
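The hand-editing step described above can be scripted. The following is an added example, not part of the original post: it assumes the ping scan was saved in Nmap's grepable format (`-oG`, an option the post does not mention) and runs on a constructed sample using documentation addresses.

```python
import ipaddress
import re

# Constructed sample of grepable (-oG) ping-scan output; not real scan data.
SAMPLE_OG = """\
# Nmap scan initiated as: nmap -sP -PP -oG - 192.0.2.0/28
Host: 192.0.2.10 (fileserver.example.lan)\tStatus: Up
Host: 192.0.2.2 ()\tStatus: Up
Host: 192.0.2.5 (printer.example.lan)\tStatus: Down
Host: 192.0.2.1 (gw.example.lan)\tStatus: Up
# Nmap done -- 16 IP addresses (3 hosts up) scanned
"""

# One host per line: "Host: <ip> (<reverse DNS name or empty>)<tab>Status: <state>"
HOST_RE = re.compile(r"^Host:\s+(\S+)\s+\(([^)]*)\)\s+Status:\s+(\w+)")


def parse_ping_scan(text):
    """Return [(ip, hostname_or_None), ...] for hosts reported Up, sorted by address."""
    hosts = []
    for line in text.splitlines():
        m = HOST_RE.match(line)
        if not m:
            continue  # skip "#" comment lines and anything unexpected
        ip, name, status = m.groups()
        if status.lower() != "up":
            continue  # Down hosts can appear when the scan is run verbosely
        hosts.append((ipaddress.ip_address(ip), name or None))
    # Sort numerically so .2 comes before .10; version first keeps IPv4/IPv6 comparable.
    hosts.sort(key=lambda h: (h[0].version, int(h[0])))
    return [(str(ip), name) for ip, name in hosts]


def format_inventory(hosts):
    """Render the inventory as tab-separated lines, marking names that did not resolve."""
    return [f"{ip}\t{name if name else '(no reverse DNS)'}" for ip, name in hosts]


if __name__ == "__main__":
    print("\n".join(format_inventory(parse_ping_scan(SAMPLE_OG))))
```
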





Darren Kitchen from HAK5 gives a nice intro in the video below.









Mark Wolfgang gives a nice quick read on some advanced scanning techniques.



http://moonpie.org/writings/discovery.pdf



And straight from the horse's mouth: Nmap Network Scanning, written by Fyodor himself.


http://nmap.org/book/
