A comprehensive guide and tool suite Nmap, which has over 1,000,000 users and is distributed with many operating systems including Redhat Linux, Debian Linux, Gentoo, FreeBSD, and OpenBSD.

Russ Rogers is co-founder, CEO, CTO and Principal Security Consultant for Security Horizon, Inc. Russ is a United States Air Force Veteran and has served in military and contract support for the National Security Agency and the Defense Information Systems Agency. He also serves as the Professor of Network Security at the University of Advancing Technology (uat.edu) in Tempe, AZ.

?My career is based on performing network evaluations and penetration tests on customer networks to find security holes. A significant part of my job is understanding the specifics of what machines, services, and applications are available to attack on those networks. This is normally the first step in any network security work. Although there are certainly multiple tools available that could be used for this, the industry agrees (by huge majority) that NMAP is the best tool for the job. It provides mandatory functions, such as service identification and verification, but also provides the added capabilities for identifying the host operating system and utilizing a variety of port scans methods, depending on the job requirements.

Many of the options within NMAP are no longer documented within the help files, requiring users of the product to keep their own notes or perform extensive web searches looking for the appropriate command line options to use. It is my opinion that a Syngress book on the NMAP tool would provide an invaluable reference to individuals depending on the NMAP tool. What a great benefit it would be to reach over and take a reference from the book shelf.

Of course, all truly useful reference books need a qualified author who understands the underlying details. I believe Angela Orebaugh has the background and network knowledge to write a comprehensive and valuable reference book on NMAP. Angela has already authored books on intrusion detection, Snort IDS, and packet sniffing using Snort. The understanding of networks and protocols required to write on those topics is mandatory when authoring a reference on port scanning. It is my hope that Ms. Orebaugh can de-mystify some of the basic operations of the port scans and provide a much needed tutorial on how each scan works and why it might be useful in each situation.?