
22nd Sep assignment (Nmap types of Scans)

The document outlines various types of Nmap scans used for network security assessments, including TCP, SYN, FIN, Xmas, Null, Ping, UDP, ACK, Version Detection, and OS Fingerprinting scans. Each scan type is described with its purpose, advantages, and syntax for execution. The information is aimed at helping users understand how to utilize Nmap for effective network scanning and security analysis.

Uploaded by

abhishekvish36

Name :- Abhishek Vishwakarma

Assignment date:- 22nd September 22


Submission Date :- 28th September 22
Topics :- Nmap Types of Scans.

Types of Nmap scans:-


Different types of scans can be done using Nmap.

1. TCP Scan:-

It completes a three-way handshake between you and a chosen target system.

The TCP scan is very noisy and can be detected with almost no effort because
services can log the sender IP address and trigger an intrusion detection
system.

TCP Connect (full open) [-sT]

Syntax:- nmap -sT [target IP]


[Figure: TCP 3-way handshake]

2. SYN Scan :-

It is another form of TCP scan. Nmap crafts a SYN packet, the first packet sent to
establish a TCP connection.

SYN Scan is the same as TCP Scan but it does not complete the 3-way handshake
process.

SYN Stealth (Half Open) Scan [-sS]

Syntax:- nmap -sS [target IP]


3. FIN Scan :-

The FIN Scan sends a TCP segment with the FIN flag set. When this packet is sent
to a destination that does not already have an established session, the destination
drops it (meaning we do not get any response from the destination). If we get a
response with the RST flag set, we know that the port is closed.

Syntax:- nmap -sF [target IP]

4. Xmas Scan :-

It sets the FIN, PSH, and URG flags, lighting the packet up like a Christmas tree.

The advantage of this scan is that it can sneak through non-stateful firewalls and
packet-filtering routers. Such firewalls try to prevent incoming TCP connections by
blocking any TCP packets with the SYN bit set and ACK cleared. The Linux iptables
firewall command offers a special --syn option to implement this. Xmas scans clear
the SYN bit and thus fly right through those rules.

Syntax:- nmap -sX [target IP]


5. Null Scan :-

The Null Scan sends a TCP segment with no flags set in the packet header. Packets
generated this way are illegal under RFC 793.

Syntax :- nmap -sN [target IP]
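
A defender-side illustration of the flag combinations described above for the SYN, FIN, Xmas and Null scans, added here and not part of the original assignment: it parses raw TCP headers, names the probe, and shows which probes a stateless SYN-only rule (modeled on iptables --syn) would match. The function names and the sample packets are constructed for illustration.

```python
import struct

# TCP flag bits, low six bits of header bytes 12-13 (RFC 793).
FIN, SYN, RST, PSH, ACK, URG = 0x01, 0x02, 0x04, 0x08, 0x10, 0x20
PROBES = {0: "null", FIN: "fin", FIN | PSH | URG: "xmas"}

def parse_tcp(header):
    """Return (dst_port, flags) from a raw TCP header."""
    if len(header) < 20:
        raise ValueError("truncated TCP header")
    _sport, dport, _seq, _ack, off_flags = struct.unpack("!HHIIH", header[:14])
    return dport, off_flags & 0x3F

def matches_syn_rule(flags):
    """Stateless rule in the style of iptables --syn:
    SYN set while RST, ACK and FIN are cleared."""
    return flags & (SYN | RST | ACK | FIN) == SYN

def classify(flags):
    """Name the probe a session-less segment looks like, or None."""
    if flags in PROBES:
        return PROBES[flags]
    return "syn" if matches_syn_rule(flags) else None

def review(packets):
    """packets: (src_ip, raw_header) pairs with no established session.
    Returns (src, dst_port, probe, caught_by_syn_rule) for each probe."""
    out = []
    for src, header in packets:
        dport, flags = parse_tcp(header)
        kind = classify(flags)
        if kind:
            out.append((src, dport, kind, matches_syn_rule(flags)))
    return out

def make_header(dport, flags, sport=40000):
    """Constructed 20-byte TCP header (data offset 5, window 1024)."""
    return struct.pack("!HHIIHHHH", sport, dport, 0, 0, (5 << 12) | flags, 1024, 0, 0)

# Constructed sample; addresses are from documentation ranges.
SAMPLE = [
    ("192.0.2.10", make_header(22, SYN)),
    ("192.0.2.10", make_header(80, FIN)),
    ("192.0.2.11", make_header(443, FIN | PSH | URG)),
    ("192.0.2.12", make_header(25, 0)),
    ("198.51.100.7", make_header(443, ACK | PSH)),
]

if __name__ == "__main__":
    for src, dport, kind, caught in review(SAMPLE):
        print(f"{src} -> {dport}: {kind} probe, SYN-only rule matches: {caught}")
```

Only the SYN probe matches the SYN-only rule; the FIN, Xmas and Null segments pass it, which is why detection has to look at the flag combination itself or track connection state.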


6. Ping Scan :-

A simple type of Nmap scan, in which Nmap pings all the available IP addresses to
check which of them respond to ICMP (Internet Control Message Protocol), is called
a Ping Sweep. If the user needs to know only the number of IP addresses and not
many details, the Ping Sweep is very useful. It is faster, so the results are
obtained quickly.

Syntax :- nmap -sP [target IP]

7. UDP Scan :-

This scan is most useful on Windows systems to know whether the UDP layer is open
to attacks or not. It is not always possible to get a response from the UDP layer,
but the scan helps to know whether the layer has any Trojan attacks running on it.
The responses can be a bit slower than with other scans, but the scan is useful for
protecting our UDP layer. A response is returned when the port is closed, which
might make the sender believe that a Trojan is present, so it is good to
double-check the result.

Syntax :- nmap -sU [target IP]

8. ACK Scan :-
ACK scans are used to determine whether a particular port has been filtered. They
are extremely helpful when checking for firewalls and their current rules.

Syntax :- nmap -sA [target IP]

9. Version Detection Scan :-

Syntax :- nmap -sV [target IP]

10. OS Fingerprinting :-

Syntax :- nmap -O -v [target IP]

nmap -O [target IP]
