Below are the primary types of scans that can be performed using Nmap:
- TCP Scan
This scan checks a port by completing the TCP three-way handshake with the target system.
- UDP Scan
A UDP scan tests whether any UDP ports on the target machine are actively listening for incoming requests.
- SYN SCAN
The SYN scan is a form of TCP scan. It differs from a typical TCP scan because Nmap crafts the SYN packets itself. The SYN packet is the first packet sent when a TCP connection is formed.
- ACK SCAN
ACK scans are used to check whether a specific port is filtered. This makes the ACK scan handy in Nmap when evaluating firewalls and their rule sets.
- FIN SCAN
Like the SYN scan, this is another stealthy scan. The difference is that it sends a TCP FIN packet.
- NULL SCAN
The NULL scan sends packets whose TCP header flag fields are all set to null.
- XMAS SCAN
This is another stealthy scan. It works by manipulating the PSH, URG, and FIN flags.
- RPC SCAN
RPC scans find machines that respond to RPC (Remote Procedure Call) services. RPC allows commands to be run remotely on specific machines.
- IDLE SCAN
This is considered the stealthiest scan in Nmap because it bounces its packets off external hosts.
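
From the defender's side, the flag patterns described above can be recognized in captured traffic. The following is an added example, not part of the original page: it classifies inbound TCP segments by their flag byte and reports sources that probe several ports. The packet tuples, the `established` field (assumed to come from a stateful sensor) and the `min_ports` threshold are constructed assumptions.

```python
from collections import defaultdict

# TCP header flag bits
FIN, SYN, RST, PSH, ACK, URG = 0x01, 0x02, 0x04, 0x08, 0x10, 0x20

def classify_probe(flags, established=False):
    """Name the scan type an inbound TCP segment resembles, or None."""
    flags &= 0x3F                      # keep the six classic flag bits only
    if flags == 0:
        return "NULL"                  # no flags set at all
    if flags == FIN | PSH | URG:
        return "XMAS"                  # the three flags the XMAS scan sets
    if established:
        return None                    # belongs to a tracked connection
    if flags in (FIN, ACK, SYN):       # lone flag with no connection behind it
        return {FIN: "FIN", ACK: "ACK", SYN: "SYN"}[flags]
    return None

def detect_scans(packets, min_ports=3):
    """Return {(src, scan_type): ports} for sources probing >= min_ports ports."""
    seen = defaultdict(set)
    for src, dport, flags, established in packets:
        kind = classify_probe(flags, established)
        if kind:
            seen[(src, kind)].add(dport)
    # One bare SYN is an ordinary connection attempt; many ports is a sweep.
    return {k: sorted(v) for k, v in seen.items() if len(v) >= min_ports}

# Constructed sample: (source IP, destination port, flag byte, established?)
SAMPLE = [
    ("198.51.100.7", 22, SYN, False), ("198.51.100.7", 80, SYN, False),
    ("198.51.100.7", 443, SYN, False),
    ("203.0.113.9", 21, FIN | PSH | URG, False),
    ("203.0.113.9", 23, FIN | PSH | URG, False),
    ("203.0.113.9", 25, FIN | PSH | URG, False),
    ("203.0.113.20", 80, 0, False), ("203.0.113.20", 443, 0, False),
    ("203.0.113.20", 8080, 0, False),
    ("192.0.2.77", 80, FIN, False), ("192.0.2.77", 81, FIN, False),
    ("192.0.2.77", 82, FIN, False),
    # Ordinary client: one SYN, then traffic on the established connection.
    ("192.0.2.50", 443, SYN, False), ("192.0.2.50", 443, ACK, True),
    ("192.0.2.50", 443, FIN | ACK, True),
]

if __name__ == "__main__":
    for (src, kind), ports in detect_scans(SAMPLE).items():
        print(f"{src}: possible {kind} scan of ports {ports}")
```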