Results 1 to 7 of 7

Thread: Nmap help

  1. #1

    Nmap help

    Can you plz explain to me all the different types of connections that nMap offers, what i mean is what they do, becuz i have downloaded it, and it lists alot of different types of scans, like Xmas scan. and i have no clue what that means. any help is appreciated.

  2. #2

  3. #3
    Senior Member
    Join Date
    Jan 2002
    "Normal" scans - the ones you'd actually use to test your network:

    -sT - plain TCP connect() scan - the only advantage is that you can use it if you're not root. No other kind works if you're not root. Not stealthy, and uses more local and remote system resources. This is not ideal because it is more likely to crash (or otherwise break) a badly made server program.
    -sS - stealth TCP scan - uses "half-open" connections. Advantages: slightly more stealthy (not usually logged by target application, can still be detected easily by IDS), quicker. A server program won't usually notice this hence won't be slowed down or broken by it.
    -sU - UDP scan - scans UDP instead of TCP ports. Very slow, as UDP ports sometimes don't respond even if they're open. Also fairly unreliable as firewall config etc, may cause closed ports to be shown as open.

    "Exotic" scans - not normally terribly useful (I have never found a use for them)

    -sF, sX, sN - use odd combinations of flags to try and solicit a response. Not all TCP stacks respond to these peculiar packets. In particular some (maybe all) Win32 OSs just ignore these packets. (Note: Xmas tree is so-called because it "lights up" the TCP flags "Like a Christmas tree" (i.e. All on at once))

    -sP - pings the hosts using a TCP connection, a ICMP ping or both
    -sL - doesn't actually scan the hosts at all, just prints their IP numbers. Useful for getting lists of hosts for input into other tools. Also does reverse DNS lookups.

    There are other types, but they are even weirder and less useful (and generally more hacker-ish)

  4. #4
    Priapistic Monk KorpDeath's Avatar
    Join Date
    Dec 2001
    Just RTFM -http://www.insecure.org/nmap/nmap_documentation.html
    Mankind have a great aversion to intellectual labor; but even supposing knowledge to be easily attainable, more people would be content to be ignorant than would take even a little trouble to acquire it.
    - Samuel Johnson

  5. #5
    Senior Member
    Join Date
    Apr 2002
    or man nmap or read the README file there there for a reason and should explain all your answers and all the diffrent types of scan methods


    must have posted the same time as korp death and slarty
    By the sacred **** of the sacred psychedelic tibetan yeti ....We\'ll smoke the chinese out
    The 20th century pharoes have the slaves demanding work

  6. #6
    Rewandythal has a good tutorial on this somewhere, search AO for Nmap or just browse through rewandythal's tutorials

  7. #7
    Thanx, for the info!

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts