Nmap From Beginner To Pro

Question 1

Nmap -sP 192.168.0.1/24

Answer 1

This command will return all host that responded to your ping requests together with the total number of IP addresses.

Question 2

sS TCP SYN Scan

Answer 2

This type of scan does not complete connections with the network which can draw attention to your activity, which makes it a good technique for privacy.

This type of scan works by sending a SYN packet and then waiting for response.

If it gets an ‘acknowledgement’, this is treated as an open port while no response is treated as a filtered port.

Non-listening ports are identified using a reset or RST

Question 3

sT TCP Connect Scan

Answer 3

For a user who is unable to run a SYN scan, the TCP Connect Scan provides the best alternative.

The user sends a connect system call to connect with the network.

Nmap uses a call to push information for every connection attempt instead of having to read through responses.

However, you should note that a TCP connect scan will take a relatively longer time compared to a SYN scan.