Nmap scan

1. Only the host can be detected alive , That is, access to the network . The service port cannot be seen .
   The default is -sS scanning ,TCP SYN Stealth Scan. It can reduce network traffic , Fast .SYN scan is the default and most popular scan option. often referred to as half-open scanning, because you don’t open a full TCP connection.

[[email protected] ~]# nmap 10.0.0.100Starting Nmap 7.70 ( https://nmap.org ) at 2022-07-04 16:49 CSTNmap scan report for 10.0.0.100Host is up (-0.20s latency).All 1000 scanned ports on 10.0.0.100 are filteredMAC Address: FA:16:3E:D3:D3:38 (Unknown)Nmap done: 1 IP address (1 host up) scanned in 21.30 seconds

2. ping Host not detected , but nmap Can detect , Because except for ICMP, It's still used TCP.

[[email protected] ~]# ping 10.0.0.100PING 10.0.0.100 (10.0.0.100) 56(84) bytes of data.^C--- 10.0.0.100 ping statistics ---3 packets transmitted, 0 received, 100% packet loss, time 32ms[[email protected] ~]# nmap -sP 10.0.0.100Starting Nmap 7.70 ( https://nmap.org ) at 2022-07-04 17:22 CSTNmap scan report for 10.0.0.100Host is up (0.00027s latency).MAC Address: FA:16:3E:D3:D3:38 (Unknown)Nmap done: 1 IP address (1 host up) scanned in 0.21 seconds

The default host discovery done with -sn consists of an ICMP echo request, TCP SYN to port 443, TCP ACK to port 80, and an ICMP timestamp request by default.
In previous releases of Nmap, -sn was known as -sP. (No port scan)

Activate different control bit scanning ：

• ACK scanning -sA
• FIN scanning -sF
• Null scanning -sN All control bits are 0
• MAX scanning -sX So the control bits are 1

Nothing meaningful can be swept out , boring .
The only meaning is , Know where this host is stored .
Because the host that does not survive ,nmap It can still be detected ：

[[email protected] ~]# nmap  10.0.0.201Starting Nmap 7.70 ( https://nmap.org ) at 2022-07-04 18:10 CSTNote: Host seems down. If it is really up, but blocking our ping probes, try -PnNmap done: 1 IP address (0 hosts up) scanned in 0.44 seconds[[email protected] ~]# nmap  -Pn 10.0.0.201Starting Nmap 7.70 ( https://nmap.org ) at 2022-07-04 18:10 CSTNmap done: 1 IP address (0 hosts up) scanned in 0.45 seconds