A hacker is attempting to see which ports have been left open on a network. Which NMAP switch would the hacker use?
A hacker attempting to see which ports have been left open on a network would use the -sS switch in NMAP. This is known as the TCP SYN scan, which sends SYN packets to target ports and waits for a response, thus identifying open ports. The -sO switch, indicated in the suggested answer, is used for IP protocol scanning, not for identifying open ports specifically.
The correct answer is -sS, I confirmed it using nmap. -sO is IP protocol scan, tells you if ICMP is open.
A is a good answer. -sO: IP Protocol scan; -sP: Ping sweep scan; -sS: stealth scan; -sU: UDP scan
NMAP switch "-sS" (Option C), which stands for "TCP SYN scan". This is one of the most popular and widely used NMAP scan techniques that sends SYN packets to each target port, and waits for a response from the target. This can help the hacker identify which ports are open and accepting connections. Option A (-sO) is an IP protocol scan that can be used to identify which IP protocols are supported by the target system. Option B (-sP) is a "ping" or "host discovery" scan that can be used to identify which hosts are up and responding to network traffic. Option D (-sU) is a UDP scan that can be used to identify which UDP ports are open and accepting connections.
I suppose C is correct https://nmap.org/book/scan-methods-ip-protocol-scan.html
Isn't C correct? -sO is protocol scan, it does not scan for ports!
A. -sO is correct answer.
C. -sS (TCP SYN Scan)
-sO is protocol scan, not port
-sO shows not port numbers but protocol numbers. The user is not able to find out what PORTS are Open/Closed from nmap output with -sO because it will show protocol numbers only. Correct answer is "C"; of course it is not a perfect answer because it will show only open ports for TCP, not for UDP. So the options vs the question do not match perfectly.