NMAP - A Stealth Port Scanner--reference

This scan type lists the hosts within the specified range that responded to a ping. It allows you to detect which computers are online,rather than which ports are open. Four methods exist within Nmap for ping sweeping.

The first method sends an ICMP ECHO REQUEST (ping request) packet to the destination system. If an ICMP ECHO REPLY is received,the system is up,and ICMP packets are not blocked. If there is no response to the ICMP ping,Nmap will try a "TCP Ping",to determine whether ICMP is blocked,or if the host is really not online.

A TCP Ping sends either a SYN or an ACK packet to any port (80 is the default) on the remote system. If RST,or a SYN/ACK,is returned,then the remote system is online. If the remote system does not respond,either it is offline,or the chosen port is filtered,and thus not responding to anything.

When you run an Nmap ping scan as root,the default is to use the ICMP and ACK methods. Non-root users will use the connect() method,which attempts to connect to a machine,waiting for a response,and tearing down the connection as soon as it has been established (similar to the SYN/ACK method for root users,but this one establishes a full TCP connection!)

The ICMP scan type can be disabled by setting -P0 (that is,zero,not uppercase o).

Scanning for open UDP ports is done with the -sU option. With this scan type,Nmap sends 0-byte UDP packets to each target port on the victim. Receipt of an ICMP Port Unreachable message signifies the port is closed,otherwise it is assumed open.

（编辑：网站开发网_马鞍山站长网）

【声明】本站内容均来自网络，其相关言论仅代表作者个人观点，不代表本站立场。若无意侵犯到您的权利，请及时与联系站长删除相关内容!