A SYN stealth scan, also known as a SYN scan, is a technique used to determine which ports on a target system are open without establishing a full TCP connection.
How It Works:
- SYN Packet: The scanner sends a SYN (synchronize) packet to the target port, indicating a request to establish a connection.
- Response:
  - If the port is open, the target responds with a SYN-ACK (synchronize-acknowledge) packet.
  - If the port is closed, the target responds with a RST (reset) packet.
- RST Packet: If a SYN-ACK arrives, the scanner sends a RST packet to terminate the connection attempt instead of completing the handshake with an ACK (acknowledge) packet.
Advantages:
- Stealthy: Since the connection is not fully established, it is less likely to be logged by intrusion detection systems.
- Speed: SYN scans can be faster than other scanning methods because they do not complete the TCP handshake.
Use Cases:
- Commonly used in network security assessments to identify open ports and potential vulnerabilities.
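The exchange described above (SYN, SYN-ACK, then RST with no ACK) remains visible to any sensor that sees the packets, so a defender can pick it out of flow records. The following detection sketch is an added example, not part of the original page; the record layout, the sample packets, the function names and the `min_ports` threshold are all assumptions made for illustration.

```python
from collections import defaultdict

# Constructed sample records: (time, src, dst, sport, dport, tcp_flags).
PACKETS = [
    (0.00, "10.0.0.5", "10.0.0.20", 50000, 443, "S"),   # ordinary client
    (0.01, "10.0.0.20", "10.0.0.5", 443, 50000, "SA"),
    (0.02, "10.0.0.5", "10.0.0.20", 50000, 443, "A"),   # handshake completed
    (1.00, "10.0.0.9", "10.0.0.20", 40001, 22, "S"),
    (1.01, "10.0.0.20", "10.0.0.9", 22, 40001, "SA"),   # port open
    (1.02, "10.0.0.9", "10.0.0.20", 40001, 22, "R"),    # RST instead of ACK
    (1.03, "10.0.0.9", "10.0.0.20", 40002, 23, "S"),
    (1.04, "10.0.0.20", "10.0.0.9", 23, 40002, "RA"),   # port closed
    (1.05, "10.0.0.9", "10.0.0.20", 40003, 80, "S"),
    (1.06, "10.0.0.20", "10.0.0.9", 80, 40003, "SA"),
    (1.07, "10.0.0.9", "10.0.0.20", 40003, 80, "R"),
]

def classify_flows(packets):
    """Return {(client, server, client_port, server_port): final_state}."""
    state = {}
    for _, src, dst, sport, dport, flags in sorted(packets):
        fwd, rev = (src, dst, sport, dport), (dst, src, dport, sport)
        if flags == "S":                                   # client opens an attempt
            state[fwd] = "syn_sent"
        elif rev in state and state[rev] == "syn_sent":    # server's reply
            if flags == "SA":
                state[rev] = "syn_acked"
            elif "R" in flags:
                state[rev] = "refused"
        elif fwd in state and state[fwd] == "syn_acked":   # client's next move
            if flags == "A":
                state[fwd] = "established"
            elif "R" in flags:
                state[fwd] = "half_open_reset"
    return state

def find_syn_scanners(packets, min_ports=3):
    """Map each suspected scanner to the open ports it reset without an ACK."""
    probed, half_open = defaultdict(set), defaultdict(set)
    for (client, _server, _cport, port), st in classify_flows(packets).items():
        if st in ("half_open_reset", "refused"):
            probed[client].add(port)
        if st == "half_open_reset":
            half_open[client].add(port)
    # Require several never-completed attempts plus at least one half-open reset.
    return {c: sorted(half_open[c]) for c in probed
            if half_open[c] and len(probed[c]) >= min_ports}
```

A source that completes its handshakes never appears in the result; only clients whose attempts end in a refusal or a client-side reset are counted toward the threshold.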
