Fyodor's ShmooCon 2006 Nmap Presentation Video and Slides
Summary
While many security practitioners use Nmap, few understand its full
power. Nmap deserves part of the blame for being too helpful. A simple
command such as “nmap scanme.insecure.org” leaves Nmap to choose the
scan type, timing details, target ports, output format, source ports
and addresses, and more. You can even specify -iR (random input) and
let Nmap choose the targets! Hiding all of these details makes Nmap
easy to use, but also easy to grow complacent with. Many people never
explore the hundreds of available options and scan techniques for more
powerful scanning.
In this presentation, Nmap author Fyodor details advanced Nmap
usage—from clever hacks for teaching Nmap new tricks, to new and
undocumented features for bypassing firewalls, optimizing scan
performance, finding free porn, defeating intrusion detection systems,
and more. A special Shmoo version of Nmap was released at the
conference, though all the features discussed are now integrated with
official Nmap releases (download page, Changelog).
Presentation Video
Presentation video is available in several formats. The most convenient is probably the streaming Flash version (note: first 28 seconds are blank):
The highest quality version of the video is this 400x304, 88
megabyte MPEG4 version: fyodor-nmap-shmoo06.mp4.
The first 52 seconds or so are mostly junk. If someone with good
software is able to cut that out of the video (cut out everything
until Crispin starts) and send me a link to a new copy, that would be
great. Ideally, the shortening would be done without the quality loss
of re-encoding. But I'll be happy as long as the size doesn't
increase materially and the quality doesn't decrease materially. If
you do this, please mail the new video link to Fyodor.