Lesson 4: Port Scanning Methods

Master different port scanning techniques for service discovery

Port Scanning Fundamentals

Port scanning is the process of checking which ports are open, closed, or filtered on a target host. It is essential for understanding which services are running and which of them are potential attack vectors.

Port States Explained

Open
  • Service actively listening
  • Accepts connections
  • Potential entry point
  • Responds to probes
Closed
  • No service listening
  • Port accessible but unused
  • Responds with RST packet
  • Host is reachable
Filtered
  • Firewall blocks probe
  • No response received
  • State cannot be determined
  • May indicate security measures

Default Nmap Port Scanning

nmap 192.168.1.100
• Scans top 1000 most common ports
• Uses TCP SYN scan by default (as root)
• Uses TCP Connect scan (as normal user)
Sample Output:
Starting Nmap 7.94 ( https://nmap.org )
Nmap scan report for 192.168.1.100
Host is up (0.00045s latency).
Not shown: 996 closed ports
PORT STATE SERVICE
22/tcp open ssh
80/tcp open http
443/tcp open https
8080/tcp open http-proxy
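
Added example (not part of the original lesson): a Python parser for the report format above that checks the scan covered the top 1000 ports and lists open ports missing from an approved baseline. The APPROVED set and the function names are assumptions made for illustration.

```python
import re

# Constructed sample: the scan report shown in this lesson.
SAMPLE = """\
Starting Nmap 7.94 ( https://nmap.org )
Nmap scan report for 192.168.1.100
Host is up (0.00045s latency).
Not shown: 996 closed ports
PORT STATE SERVICE
22/tcp open ssh
80/tcp open http
443/tcp open https
8080/tcp open http-proxy
"""

# Assumption: the open TCP ports this host is approved to expose.
APPROVED = {22, 80, 443}

PORT_LINE = re.compile(r"^(\d+)/(tcp|udp)\s+(\S+)\s+(\S+)")
NOT_SHOWN = re.compile(r"^Not shown: (\d+) (\S+)")

def parse_report(text):
    """Return (ports, hidden): listed port rows and the 'Not shown' tally."""
    ports, hidden = [], {}
    for line in text.splitlines():
        line = line.strip()
        m = PORT_LINE.match(line)
        if m:
            ports.append({"port": int(m[1]), "proto": m[2],
                          "state": m[3], "service": m[4]})
            continue
        m = NOT_SHOWN.match(line)
        if m:  # e.g. "Not shown: 996 closed ports" -> {"closed": 996}
            hidden[m[2]] = hidden.get(m[2], 0) + int(m[1])
    return ports, hidden

def unexpected_open(ports, approved):
    """Open TCP ports that are not on the approved list."""
    return sorted(p["port"] for p in ports
                  if p["proto"] == "tcp" and p["state"] == "open"
                  and p["port"] not in approved)

def ports_covered(ports, hidden):
    """Listed rows plus hidden ones; a default scan should total 1000."""
    return len(ports) + sum(hidden.values())

if __name__ == "__main__":
    rows, hidden = parse_report(SAMPLE)
    print(ports_covered(rows, hidden), unexpected_open(rows, APPROVED))
```

Against the sample report, the four listed rows plus the 996 hidden closed ports account for the 1000 ports of a default scan, and 8080/tcp is the only open port outside the assumed baseline.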