Re: At what point NMAP decides if host is UP ?

[MadHat <madhat () unspecific com>]

On Aug 5, 2004, at 1:02 PM, MadHat wrote:
> On Aug 5, 2004, at 12:53 PM, micro dev wrote:
> > Hi,
> > I use TCP SYN scan to scan remote hosts and also use OS 
> > fingerprinting.
> > I use command something like that -
> >
> > nmap -sS -O -p <port list> <ip address>
> > I also depend upon nmap response to find if host is UP or DOWN.
> >
> > So I am just qurious to know how NMAP will decide if host is UP if 
> > command listed above is used.
> > Does it use ICMP at all in this case ?
> >
> > If NMAP uses SYN packets to find if host is UP, then it uses any 
> > default port or uses list of ports specified in the command.
>
> By default it will use port 80, you can force it to use another port 
> with -PS#

I hate replying to myself, but I left part of this out... -PS# says use 
a TCP SYN as the probe, you can also use -PA# to use a TCP ACK for the 
probe packet.  You can also use -PU# for a UDP packet to probe to see 
if the host is up. Also using -PE for ICMP Echo-Request, -PM for ICMP 
netmask request, -PP for ICMP timestamp request, and -PB being the 
default of using -PA80 and -PE together, but to use ICMP probes, you 
must be root, or have root privs.


---------------------------------------------------------------------
For help using this (nmap-dev) mailing list, send a blank email to 
nmap-dev-help () insecure org . List archive: http://seclists.org