May 14th, 2003, 11:15 PM
Can you plz explain to me all the different types of connections that nMap offers, what i mean is what they do, becuz i have downloaded it, and it lists alot of different types of scans, like Xmas scan. and i have no clue what that means. any help is appreciated.
May 14th, 2003, 11:31 PM
May 14th, 2003, 11:38 PM
"Normal" scans - the ones you'd actually use to test your network:
-sT - plain TCP connect() scan - the only advantage is that you can use it if you're not root. No other kind works if you're not root. Not stealthy, and uses more local and remote system resources. This is not ideal because it is more likely to crash (or otherwise break) a badly made server program.
-sS - stealth TCP scan - uses "half-open" connections. Advantages: slightly more stealthy (not usually logged by target application, can still be detected easily by IDS), quicker. A server program won't usually notice this hence won't be slowed down or broken by it.
-sU - UDP scan - scans UDP instead of TCP ports. Very slow, as UDP ports sometimes don't respond even if they're open. Also fairly unreliable as firewall config etc, may cause closed ports to be shown as open.
"Exotic" scans - not normally terribly useful (I have never found a use for them)
-sF, sX, sN - use odd combinations of flags to try and solicit a response. Not all TCP stacks respond to these peculiar packets. In particular some (maybe all) Win32 OSs just ignore these packets. (Note: Xmas tree is so-called because it "lights up" the TCP flags "Like a Christmas tree" (i.e. All on at once))
-sP - pings the hosts using a TCP connection, a ICMP ping or both
-sL - doesn't actually scan the hosts at all, just prints their IP numbers. Useful for getting lists of hosts for input into other tools. Also does reverse DNS lookups.
There are other types, but they are even weirder and less useful (and generally more hacker-ish)
May 14th, 2003, 11:38 PM
Just RTFM -http://www.insecure.org/nmap/nmap_documentation.html
Mankind have a great aversion to intellectual labor; but even supposing knowledge to be easily attainable, more people would be content to be ignorant than would take even a little trouble to acquire it.
- Samuel Johnson
May 14th, 2003, 11:39 PM
or man nmap or read the README file there there for a reason and should explain all your answers and all the diffrent types of scan methods
must have posted the same time as korp death and slarty
By the sacred **** of the sacred psychedelic tibetan yeti ....We\'ll smoke the chinese out
The 20th century pharoes have the slaves demanding work
May 15th, 2003, 12:20 AM
Rewandythal has a good tutorial on this somewhere, search AO for Nmap or just browse through rewandythal's tutorials
May 15th, 2003, 02:51 PM