A hacker is attempting to see which IP addresses are currently active on a network. Which NMAP switch would the hacker use?
A hacker is attempting to see which IP addresses are currently active on a network. Which NMAP switch would the hacker use?
The -sP switch in NMAP is used for a ping scan to determine which IP addresses are active on a network. This command sends ICMP echo requests to the specified network and reports which hosts respond back, thus identifying active IP addresses.
SS is used to scan ports in the lower 1000 by default. Not ip addresses
a hacker would do an -sS
-sP ping Question is not about port scanning and port status but about IP adress and alive host. for this reason the best is -sP
-sP ping scan provides status of host
-sS Stealth scan (a hacker use this)
-sP does not show up in NMAP manual
It does. "In previous releases of Nmap, -sn was known as -sP." https://linux.die.net/man/1/nmap
This is correct. -sn (No port scan) This option tells Nmap not to do a port scan after host discovery, and only print out the available hosts that responded to the host discovery probes. This is often known as a “ping scan”
sO is IP protocol scan