Reddit reviews Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning

We found 8 Reddit comments about Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning. Here are the top ones, ranked by their Reddit score.

Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning
ISBN13: 9780979958717

8 Reddit comments about Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning:

u/koeningyou666 · 73 points · r/netsecstudents

In my opinion, every book in this bundle is a bag of shit.

Here's a list of reputable books, again in my opinion (All links are Non-Affiliate Links):

Web Hacking:

The Web Hackers Handbook (Link)

Infrastructure:

Network Security Assessment (Link)

Please Note: The examples in the book are dated (even though it's been updated to v3), but this book is the best for learning Infrastructure Testing Methodology.

General:

Hacking: The Art of Exploitation (Link)

Grey Hat Hacking (Link)

Linux:

Hacking Exposed: Linux (I don't have a link to a specific book as there are many editions / revisions for this book. Please read the reviews for the edition you want to purchase)

Metasploit:

I recommend the online course "Metasploit Unleashed" (Link) as opposed to buying the book (Link).

Nmap:

The man pages. The book (Link) is a great reference and looks great on the bookshelf. The reality is, using Nmap is like baking a cake. There are too many variables involved in running the perfect portscan, every environment is different and as such will require tweaking to run efficiently.

Malware Analysis:

Practical Malware Analysis (Link)

The book is old, but the methodology is rock solid.

Programming / Scripting:

Python: Automate the Boring Stuff (Link)

Hope that helps.

u/DucBlangis · 20 points · r/netsecstudents

Here is a "curriculum" of sorts I would suggest, as it's fairly close to how I learned:

  1. Programming. Definitely learn "C" first as all of the Exploitation and Assembly courses below assume you know C: The bible is pretty much Dennis Ritchie and Kernighan's "The C Programming Language", and here is the .pdf (this book is from 1988, I don't think anyone would mind). I actually prefer Kochan's book "Programming in C" which is very beginner friendly and was written in 2004 rather than 1988, making the language a little more "up to date" and accessible. There are plenty of "C Programming" tutorials on YouTube that you can use in conjunction with either of the aforementioned books as well. After learning C, then you can try out some other languages. I personally suggest Python as it is very beginner friendly and is well documented. Ruby isn't a bad choice either.

  2. Architecture and Computer basics:
    Generally you'll probably want to look into IA-32 and the best starting point is the Intel Architecture manual itself, the .pdf can be found here (pdf link).
    Because of the depth of that .pdf I would suggest using it mainly as a reference guide while studying "Computer Systems: A Programmer's Perspective" and "Secrets of Reverse Engineering".

  3. Operating Systems: Choose which you want to dig into: Linux or Windows, and put the effort into one of them, you can come back to the other later. I would probably suggest Linux unless you are planning on specializing in Malware Analysis, in which case I would suggest Windows. Linux: No Starch's "How Linux Works" is a great beginner resource as is their "Linux Command Line" book. I would also check out "Understanding the Linux Kernel" (that's a .pdf link). For Windows you can follow the Windows Programming wiki here or you can buy the book "Windows System Programming". The Windows Internals books are generally highly regarded; I didn't learn from them, I use them more as a reference, so I can't really speak to how well they would teach a "beginner".

  4. Assembly: You can't do much better than OpenSecurityTraining's "Introductory Intel x86: Architecture, Assembly, Applications, & Alliteration" class lectures from Xeno Kovah, found here. The book "Secrets of Reverse Engineering" has a very beginner friendly introduction to Assembly as does "Hacking: The Art of Exploitation".

  5. Exploitation: OpenSecurityTraining also has a great video series for Introduction to Exploits. "Hacking: The Art of Exploitation" is a really, really good book that is completely self-contained and will walk you through the basics of assembly. The author does introduce you to C and some basic principles of Linux but I would definitely suggest learning the basics of C and Linux command line first as his teaching style is pretty "hard and fast".

  6. Specialized fields such as Cryptology and Malware Analysis.


    Of course if you just want to do "pentesting/vuln assessment" in which you rely more on toolsets (for example, Nmap>Nessus>Metasploit) structured around a methodology/framework, then you may want to look into one of the PACKT books on Kali or backtrack, get familiar with the tools you will use such as Nmap and Wireshark, and learn basic Networking (a simple CompTIA Networking+ book will be a good enough start). I personally did not go this route nor would I recommend it as it generally shies away from the foundations and seems to me to be settling for becoming comfortable with tools that abstract you from the real "meat" of exploitation and all the things that make NetSec great, fun and challenging in the first place. But everyone is different and it's really more of a personal choice. (By the way, I'm not suggesting this is "lame" or anything, it was just not for me.)

    *edited a name out





u/19Kilo · 4 points · r/networking

The TCP/IP Guide - It's a little dated these days and barely touches IPv6, but it's a good, quick look at a lot of the glue services that you will eventually need to understand and troubleshoot: DNS, SNMP, NTP, etc.

TCP/IP Illustrated, VOL 1 - Here's where we get into the nitty gritty. This shows you what is happening in those packets that cross the wire. Invaluable if you go onto doing Performance Engineering functions later on, but still good.

NMAP Network Scanning - NMAP is a godsend if you don't have remote login rights but you need to see what's happening on the far end of the connection.

Wireshark Network Analysis - Most useful tool in your toolbox, IF you can use it, for proving the negative to your customers. At some point you're going to be faced with an angry mob in Dockers and Polos who want to know "WHY MY THING NOT WORK?". This is the book that will let you point to their box and go "Well, as soon as the far side sends a SYN/ACK your box sends a FIN and kills the connection."

Learning the bash shell - You're a network engineer, you're going to be using Linux boxes as jump boxes for the rest of your life. Shell scripting will let you write up handy little tools to make your life easier. Boss wants to blackhole China at the edge? Write a quick script to pull all of the CN netblocks from the free FTP server APNIC owns, chop it up in sed and AWK, throw a little regex in for seasoning and you're done. And when he comes back in 30 days for an updated list? Boom, it's done even faster.

The vendor specific books are nice, but I can't tell you how many network engineers I've run across who couldn't tell me how DNS worked or how a three way handshake worked or couldn't write a simple script in Bash to bang out 300 port configs in 30 seconds. There are a shit ton of paper CCIEs out there, but those books up there will make you stand out.

u/nicklauscombs · 3 points · r/netsec

best advice i can give is to start reading anything and everything you can get your hands on related to programming, operating systems, networking, security, etc......



a few books i'm reading/have read/on my list to read and all are excellent starting points:

BackTrack 4: Assuring Security by Penetration Testing (this book was just released and still relevant when using BackTrack5)

Metasploit: The Penetration Tester's Guide

Ninja Hacking: Unconventional Penetration Testing Tactics and Techniques

Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning

Gray Hat Hacking The Ethical Hackers Handbook, 3rd Edition



plenty of links to keep you busy for awhile:
Open Penetration Testing Bookmarks Collection

u/d4rch0n · 2 points · r/compsci

If you're looking for an intro that will get you doing hands-on stuff quickly, I definitely recommend "Practical Packet Analysis: Using Wireshark...". Only if you want something that's far from textbook-y and will give you some insight into doing casual sysadmin type stuff. Also, "Nmap Network Scanning" will get you doing some hands-on fun activities as well. Just pay attention to local laws before doing anything that might raise red flags.

u/hitmanactual121 · 1 point · r/HowToHack

I realize this is an old post, but I figured I would add my two cents in:

If you have no Linux Knowledge, I would recommend these two books:
http://www.amazon.com/Introduction-Unix-Linux-John-Muster/dp/0072226951

http://www.amazon.com/Introduction-Linux-Manual-Student-Edition/dp/0072226943/ref=pd_bxgy_b_text_y

I would also recommend getting a book on windows server:
http://www.amazon.com/Mastering-Microsoft-Windows-Server-2008/dp/0470532866

After going over those you should have a fundamental understanding of Unix/Linux

Then I would recommend this if you need to brush up on your basic networking knowledge:

http://www.amazon.com/CompTIA-Network-Deluxe-Recommended-Courseware/dp/111813754X/ref=sr_1_1?s=books&ie=UTF8&qid=1369292584&sr=1-1&keywords=network+%2B+delux+guide

Some security theory wouldn't hurt: I'd recommend these in no particular order:

http://www.amazon.com/The-Basics-Information-Security-Understanding/dp/1597496537/ref=pd_rhf_se_s_cp_7_FHWA

http://www.amazon.com/gp/product/1597496154/ref=s9_simh_se_p14_d0_i6?pf_rd_m=ATVPDKIKX0DER&pf_rd_s=auto-no-results-center-1&pf_rd_r=6289C56ED33B4C108B60&pf_rd_t=301&pf_rd_p=1263465782&pf_rd_i=itia2300

And now we actually start getting into penetration testing:

http://www.amazon.com/Metasploit-The-Penetration-Testers-Guide/dp/159327288X/ref=pd_rhf_se_s_cp_3_FHWA

http://www.amazon.com/The-Basics-Digital-Forensics-Getting/dp/1597496618/ref=pd_rhf_se_s_cp_6_FHWA

http://www.amazon.com/Advanced-Penetration-Testing-Highly-Secured-Environments/dp/1849517746/ref=pd_rhf_se_s_cp_8_FHWA

http://www.amazon.com/Nmap-Network-Scanning-Official-Discovery/dp/0979958717/ref=pd_rhf_se_s_cp_10_FHWA



Full disclosure: I have used all these books in my studies. I am not affiliated in any way with these authors, this also isn't something you can just "master" in 24 hours; you may however learn a few cool tricks early. My advice would be to keep at it, not only read these books, but set up virtual environments to test these concepts in.

Those books I listed should give you a fundamental understanding of: Linux, Windows server, Networking, Information security theory, computer forensics, and basic penetration testing.

I would also recommend you take up a scripting language, Python is pretty simple to learn if you haven't already, and insanely powerful in the right hands.

Oh, one thing I forgot. NEVER EVER EVER run Kali Linux as your primary distribution, set up a dual-boot and use something like Debian as your "casual" computer, and then solely use Kali or backtrack as your "Network security distro"

Ninja edited by myself


u/IT_Guy_In_TN · 1 point · r/networking

>read the book by Gordon "Fyodor" Lyon if you're not familiar

Is this the book you're referring to? I'm following this thread too due to my position where I work. :)