Skip to main content

All Questions

Tagged with
Filter by
Sorted by
Tagged with
1 vote
0 answers
765 views

How would you hide yourself whilst conducting a scan on a target network to identify open service ports?

I am working on this question which asks how you would conduct a scan of a target network to identify open service ports without revealing your IP address. It wants details such as IP address ...
Thanos's user avatar
  • 111
1 vote
1 answer
666 views

Determine victim of port scan's OS

I am taking part in a practice sandbox, and have a pcap file in Wireshark: with the traffic depicting a Vertical Port Scan. Is there anyway to find out the "victim"'s Operating System? The packets are ...
PrinceOfCreation's user avatar
3 votes
1 answer
704 views

Is it possible to scan the top X UDP ports and the top Y (X!=Y) TCP ports in Nmap using a single command?

Given X!=Y, is there any way to scan the top (--top-ports) X TCP ports and the top Y UDP ports using a simple Nmap command? The --top-ports parameter affects both the TCP and UDP scans (e.g., when -...
Gari BN's user avatar
  • 495
1 vote
1 answer
112 views

Reason behind sending multiple probes when scanning?

I've read, that the ZMap creators recommend to send three probes for each (ip,port) tuple when scanning. Let's say, we scan port 443 port with a TCP SYN scan. One reason, I can imagine is packet loss. ...
Hansi's user avatar
  • 105
11 votes
2 answers
3k views

What's the advantage of sending an RST packet after getting a response in a SYN scan?

I'm reading about nmap's SYN scan, and it says Nmap sends an RST immediately after the server tries to establish the handshake. My question is - why bother with the RST? Is it to prevent the server ...
Jay's user avatar
  • 223
3 votes
3 answers
10k views

Why is UDP port scanning slower than TCP port scanning?

I can't seem to find an answer for this. Any suggestions?
ellefc's user avatar
  • 539