The -sT option in Nmap is used to perform a TCP connect scan. This type of scan establishes a full TCP connection with the target host by completing the three-way handshake (SYN, SYN-ACK, ACK). It is useful for identifying open ports on a target system.

Here's a brief breakdown of how it works:

- SYN: The scanner sends a SYN packet to the target port.
- SYN-ACK: If the port is open, the target responds with a SYN-ACK packet.
- ACK: The scanner then sends an ACK packet to complete the handshake.

This method is straightforward, but firewalls and intrusion detection systems can easily detect it because it establishes a full connection.
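
The detectability point above, shown from the monitoring side as an added example that is not part of the original page: a small detector that flags any source touching many distinct ports on one host within a short window. The log format, the `parse` and `find_connect_scans` names, the sample addresses, and the window and threshold values are all assumptions made for illustration.

```python
from collections import defaultdict

# Constructed sample log (not real traffic): epoch src dst dst_port result
# "established" = three-way handshake completed, "reset" = port closed.
SAMPLE_LOG = """\
1700000000 192.0.2.10 198.51.100.5 21 reset
1700000000 192.0.2.10 198.51.100.5 22 established
1700000001 192.0.2.10 198.51.100.5 23 reset
1700000001 192.0.2.10 198.51.100.5 25 reset
1700000001 192.0.2.10 198.51.100.5 80 established
1700000002 192.0.2.10 198.51.100.5 443 reset
1700000005 192.0.2.20 198.51.100.5 443 established
1700000030 192.0.2.20 198.51.100.5 443 established
1700000031 192.0.2.30 198.51.100.5 80 established
1700000032 192.0.2.30 198.51.100.5 443 established
"""

def parse(log_text):
    """Turn log text into sorted (ts, src, dst, port, result) tuples."""
    events = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 5:
            continue  # skip malformed lines
        ts, src, dst, port, result = parts
        events.append((int(ts), src, dst, int(port), result))
    return sorted(events)

def find_connect_scans(events, window=10, min_ports=5):
    """Map (src, dst) -> sorted ports for sources that touched at least
    min_ports distinct ports on one destination within window seconds."""
    by_pair = defaultdict(list)
    for ts, src, dst, port, _ in events:
        by_pair[(src, dst)].append((ts, port))
    flagged = {}
    for pair, hits in by_pair.items():
        hits.sort()  # order by time so the sliding window is valid
        start = 0
        for end in range(len(hits)):
            while hits[end][0] - hits[start][0] > window:
                start += 1  # drop hits older than the window
            ports = {port for _, port in hits[start:end + 1]}
            if len(ports) >= min_ports:
                flagged.setdefault(pair, set()).update(ports)
    return {pair: sorted(ports) for pair, ports in flagged.items()}

if __name__ == "__main__":
    for (src, dst), ports in find_connect_scans(parse(SAMPLE_LOG)).items():
        print(f"possible connect scan: {src} -> {dst} ports {ports}")
```

A scan spread out beyond the window stays under this threshold, so the window and port count need tuning against normal traffic for the monitored host.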
