A hacker is attempting to see which IP addresses are currently active on a network. Which NMAP switch would the hacker use?
A hacker is attempting to see which IP addresses are currently active on a network. Which NMAP switch would the hacker use?
The -sP switch in NMAP is used for a ping scan to determine which IP addresses are active on a network. This command sends ICMP echo requests to the specified network and reports which hosts respond back, thus identifying active IP addresses.
a hacker would do an -sS
SS is used to scan ports in the lower 1000 by default. Not ip addresses
sO is IP protocol scan
-sP does not show up in NMAP manual
It does. "In previous releases of Nmap, -sn was known as -sP." https://linux.die.net/man/1/nmap
This is correct. -sn (No port scan) This option tells Nmap not to do a port scan after host discovery, and only print out the available hosts that responded to the host discovery probes. This is often known as a “ping scan”
-sS Stealth scan (a hacker use this)
-sP ping scan provides status of host
-sP ping Question is not about port scanning and port status but about IP adress and alive host. for this reason the best is -sP