I'm a bit confused about what the default scan option is for an nmap scan. For example:
nmap -A -p 22
Am I running a SYN scan or a TCP connect scan?
When scanning TCP ports, Nmap will perform a SYN scan by default and fall back to a connect scan if the user does not have sufficient privileges.
From the docs:
-sS (TCP SYN scan)
SYN scan is the default and most popular scan option for good reasons. It can be performed quickly, scanning thousands of ports per second on a fast network not hampered by restrictive firewalls. [...]
-sT (TCP connect scan)
TCP connect scan is the default TCP scan type when SYN scan is not an option. This is the case when a user does not have raw packet privileges. [...]
You can also use the verbose flag (-v) to find out which scan types are being run:
$ nmap -v -p 22 1.2.3.4
Starting Nmap 7.60 ( https://nmap.org ) at 2017-12-11 12:14 CET
Initiating Ping Scan at 12:14
Scanning 1.2.3.4 [2 ports]
Completed Ping Scan at 12:14, 0.00s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 12:14
Completed Parallel DNS resolution of 1 host. at 12:14, 0.01s elapsed
Initiating Connect Scan at 12:14
Scanning xxx (1.2.3.4) [1 port]
Completed Connect Scan at 12:14, 0.00s elapsed (1 total ports)
Nmap scan report for xxx (1.2.3.4)
Host is up (0.000070s latency).
PORT   STATE  SERVICE
22/tcp closed ssh
Read data files from: /usr/bin/../share/nmap
Nmap done: 1 IP address (1 host up) scanned in 0.04 seconds

$ sudo nmap -v -p 22 1.2.3.4
Starting Nmap 7.60 ( https://nmap.org ) at 2017-12-11 12:15 CET
Initiating Parallel DNS resolution of 1 host. at 12:15
Completed Parallel DNS resolution of 1 host. at 12:15, 0.01s elapsed
Initiating SYN Stealth Scan at 12:15
Scanning xxx (1.2.3.4) [1 port]
Completed SYN Stealth Scan at 12:15, 0.04s elapsed (1 total ports)
Nmap scan report for xxx (1.2.3.4)
Host is up (0.000045s latency).
PORT   STATE  SERVICE
22/tcp closed ssh
Read data files from: /usr/bin/../share/nmap
Nmap done: 1 IP address (1 host up) scanned in 0.12 seconds
Raw packets sent: 1 (44B) | Rcvd: 2 (84B)
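Added example (not part of the original answer and not Nmap's own code): shell functions that read nmap -v output and report which TCP scan ran, using the "Initiating ... Scan" lines and the "Raw packets sent" summary seen in the two runs above. The function names and the abridged sample outputs are constructed for illustration.

```shell
#!/bin/sh
# Added example: identify which TCP scan nmap actually ran from `nmap -v` output.

# Reads verbose nmap output on stdin; prints "syn (-sS)", "connect (-sT)" or "unknown".
nmap_scan_type() {
    awk '
        /^Initiating .* at [0-9:]+/ {
            phase = $0
            sub(/^Initiating /, "", phase)      # drop the prefix
            sub(/ at [0-9:]+.*$/, "", phase)    # drop the timestamp
            if (phase == "SYN Stealth Scan") result = "syn (-sS)"
            else if (phase == "Connect Scan") result = "connect (-sT)"
        }
        END { if (result == "") result = "unknown"; print result }
    '
}

# Exit status 0 if the output has nmap's raw-packet summary line, which in the
# runs quoted above appears only in the sudo (SYN scan) run.
nmap_used_raw_packets() {
    grep -q '^[[:space:]]*Raw packets sent: '
}

# Constructed samples: abridged from the two runs quoted in the answer above.
SAMPLE_UNPRIV='Initiating Ping Scan at 12:14
Scanning 1.2.3.4 [2 ports]
Completed Ping Scan at 12:14, 0.00s elapsed (1 total hosts)
Initiating Connect Scan at 12:14
Completed Connect Scan at 12:14, 0.00s elapsed (1 total ports)
Nmap done: 1 IP address (1 host up) scanned in 0.04 seconds'
SAMPLE_ROOT='Initiating Parallel DNS resolution of 1 host. at 12:15
Initiating SYN Stealth Scan at 12:15
Completed SYN Stealth Scan at 12:15, 0.04s elapsed (1 total ports)
Nmap done: 1 IP address (1 host up) scanned in 0.12 seconds
Raw packets sent: 1 (44B) | Rcvd: 2 (84B)'

# report LABEL OUTPUT: one summary line per run.
report() {
    kind=$(printf '%s\n' "$2" | nmap_scan_type)
    if printf '%s\n' "$2" | nmap_used_raw_packets; then raw=yes; else raw=no; fi
    printf '%s: scan=%s raw_packets=%s\n' "$1" "$kind" "$raw"
}

report "unprivileged" "$SAMPLE_UNPRIV"
report "sudo" "$SAMPLE_ROOT"
```

On a live run, the same check is: nmap -v -p 22 TARGET | nmap_scan_type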
It depends on the privileges of the user running the scan: