Resources

Fyodor's official nmap page: http://www.insecure.org/nmap/

Fyodor's article “The Art of Port Scanning”: out-of-date as it pertains to nmap syntax, still provides an excellent description of how port scanning in general, and stealth scanning in particular, work: http://www.insecure.org/nmap/nmap_doc.html

Entertaining article by Fyodor on nmap's OS fingerprintIng feature: http://www.insecure.org/nmap/nmap-fingerprinting-article.html

Network Magazine article by Rik Farrow: Describes nmap's OS fingerprinting in simpler terms: http://www.insecure.org/nmap/press/network_magazine-system_fingerprinting.txt

The IANA's official list of well-known, registered and private/dynamic ports: http://www.isi.edu/in-notes/iana/assignments/port-numbers/

The official Internet Engineering Task Force (IETF) RFC repository: wondering just what “RFC-793-compliant” means? Wonder no more. Of particular note are RFCs 793 (TCP Protocol), 768 (UDP Protocol) and 1413 (Ident Protocol): http://www.ietf.org/rfc.html