On Aug 5, 2004, at 1:02 PM, MadHat wrote:
> On Aug 5, 2004, at 12:53 PM, micro dev wrote:
>> Hi,
>> I use TCP SYN scan to scan remote hosts and also use OS
>> fingerprinting.
>> I use command something like that -
>>
>> nmap -sS -O -p <port list> <ip address>
>> I also depend upon nmap response to find if host is UP or DOWN.
>>
>> So I am just qurious to know how NMAP will decide if host is UP if
>> command listed above is used.
>> Does it use ICMP at all in this case ?
>>
>> If NMAP uses SYN packets to find if host is UP, then it uses any
>> default port or uses list of ports specified in the command.
>
> By default it will use port 80, you can force it to use another port
> with -PS#
I hate replying to myself, but I left part of this out... -PS# says use
a TCP SYN as the probe, you can also use -PA# to use a TCP ACK for the
probe packet. You can also use -PU# for a UDP packet to probe to see
if the host is up. Also using -PE for ICMP Echo-Request, -PM for ICMP
netmask request, -PP for ICMP timestamp request, and -PB being the
default of using -PA80 and -PE together, but to use ICMP probes, you
must be root, or have root privs.
---------------------------------------------------------------------
For help using this (nmap-dev) mailing list, send a blank email to
nmap-dev-help@insecure.org . List archive: http://seclists.org
Received on Aug 05 2004
Intro
