Common Nmap scan types include:
1. SYN Scan (-sS)
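- Description: A half-open ("stealth") scan that sends SYN packets to initiate a TCP handshake but does not complete it. Because no connection is fully established, the probe is less likely to show up in application connection logs, but firewalls and intrusion detection systems that track SYN packets can still detect it.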
- Use Case: Quickly identifies open ports without establishing a full connection.
2. TCP Connect Scan (-sT)
- Description: Establishes a full TCP connection by completing the three-way handshake.
- Use Case: Useful when you don't have root privileges and still need to identify open ports.
3. UDP Scan (-sU)
- Description: Scans for open UDP ports by sending UDP packets.
- Use Case: Essential for identifying services that run over UDP, such as DNS or DHCP.
4. Service Version Detection (-sV)
- Description: Probes open ports to determine the service and version running on them.
- Use Case: Useful for vulnerability assessments and identifying outdated software.
5. Operating System Detection (-O)
- Description: Attempts to determine the operating system of the target by analyzing TCP/IP stack behavior.
- Use Case: Helpful for gathering information about the target environment.
6. Ping Scan (-sn)
- Description: Discovers live hosts on a network without scanning ports. It sends ICMP echo requests and analyzes responses.
- Use Case: Quickly identifies active devices on a network.
7. Aggressive Scan (-A)
- Description: Combines several features, including OS detection, version detection, script scanning, and traceroute.
- Use Case: Provides comprehensive information about the target but can be more intrusive.
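
From the defender's side, the SYN scan and TCP connect scan described above differ in how the handshake ends on an open port. The following is an added example, not part of the original page: it classifies constructed packet records by handshake outcome and labels each source; the record format, the addresses, and the `min_ports` threshold are assumptions for illustration.

```python
from collections import defaultdict

# Constructed sample in arrival order: (src, dst, service_port, tcp_flags).
# service_port is the scanned host's port in both directions (a simplification).
T = "192.0.2.10"
H1, H2, H3 = "198.51.100.7", "198.51.100.9", "203.0.113.5"
PACKETS = [
    # H1 never completes a handshake
    (H1, T, 22, "S"), (T, H1, 22, "SA"), (H1, T, 22, "R"),
    (H1, T, 23, "S"), (T, H1, 23, "RA"),
    (H1, T, 80, "S"), (T, H1, 80, "SA"), (H1, T, 80, "R"),
    # H2 completes the handshake wherever a port answers
    (H2, T, 22, "S"), (T, H2, 22, "SA"), (H2, T, 22, "A"),
    (H2, T, 23, "S"), (T, H2, 23, "RA"),
    (H2, T, 80, "S"), (T, H2, 80, "SA"), (H2, T, 80, "A"),
    # H3 is an ordinary client of one service
    (H3, T, 443, "S"), (T, H3, 443, "SA"), (H3, T, 443, "A"),
]

def classify_flows(packets):
    """Return {(client, server, port): state} from the handshake packets seen."""
    events = defaultdict(list)
    for src, dst, port, flags in packets:
        if flags == "S":                          # bare SYN: client opens a flow
            events[(src, dst, port)].append("cli:S")
        elif (dst, src, port) in events:          # reply from the server side
            events[(dst, src, port)].append("srv:" + flags)
        elif (src, dst, port) in events:          # follow-up from the client
            events[(src, dst, port)].append("cli:" + flags)
    states = {}
    for flow, ev in events.items():
        if "srv:SA" not in ev:                    # port never accepted
            states[flow] = "closed" if "srv:RA" in ev else "no-reply"
        elif "cli:A" in ev:                       # three-way handshake completed
            states[flow] = "full-connect"
        else:                                     # SYN/ACK met by RST or silence
            states[flow] = "half-open"
    return states

def verdict_by_source(packets, min_ports=3):
    """Label each client by how many ports it touched and how it treated open ones."""
    touched = defaultdict(dict)
    for (client, server, port), state in classify_flows(packets).items():
        touched[client][(server, port)] = state
    verdicts = {}
    for client, flows in touched.items():
        if len(flows) < min_ports:
            verdicts[client] = "normal"
        elif "half-open" in flows.values():
            verdicts[client] = "syn-scan pattern"
        else:
            verdicts[client] = "connect-sweep pattern"
    return verdicts
```

A full-connect sweep is only distinguishable from normal traffic by its breadth, so the threshold needs tuning against the legitimate clients on the monitored network.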
Conclusion
These common scan types allow you to tailor your network scanning approach based on your specific needs, whether it's identifying open ports, determining service versions, or gathering OS information.
