Regarding nmap

What's nmap

One of the representative port scanners.

Basic syntax

nmap <options> <a server IP address or host name>

Options

# Specify any port
-p

# TCP connection scan
# Check connection to the target. The target daemon process found that TCP connection was tried. If not specified any options, -sT is set as default.
-sT

# TCP syn scan
# Sending only first syn packet in 3 way handshake. If syn/ack is returned, determine that post is opened. If RST is returned, determine that there is no listener. Not establish connection, so the target does not found scan.
-sS

# TCP Null scan
-sN

# TCP fin scan
-sF

# TCP Xmas scan
-sX

# TCP ack scan
-sA

Display meanings

nmap hoge.com

PORT STATE SERVICE 22/tcp open ssh

# STATE
means port state
open: a port is open
closed: a port is closed
filterd: a packet filter works for a port and it cannot be determined if a port is open or not

# filtered
Not determine whether port is open or not.

# unfiltered
Can access to post though, not determine whether post is open or not.

# open|filtered
Not determine whether post is open or not, and packet filtering is available or not.

# closed|filtered
Not determine whether post is closed or not, and packet filtering is available or not.