Many different techniques use the TCP protocol to determine whether a port is open on a
server, such as ACK, FIN, Maimon, NULL, TCP SYN, TCP Connect, Window and Christmas Tree
scans. The TCP protocol has 8 flags in its header. The flags set on each packet can be used
to identify the scan type.
[Tables: for each scan type (connect(), SYN, FIN, XMAS, NULL, Maimon, ACK, Window), the TCP flags (FIN, SYN, RST, PSH, ACK, URG, ECE, CWR) set in the attacker's 1st packet, the victim's 2nd packet and the attacker's 3rd packet.]
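The flag-to-scan mapping can be turned into detection logic. The following is an added example, not part of the original slide: it reads the flag byte from raw TCP headers and names the scan type, using the probe flag sets from Nmap's documentation. The `hdr` helper, the `classify` function, the sender labels and the sample flows are constructed for illustration.

```python
import struct

# TCP flag bits, byte 13 of the TCP header (low bit first).
FIN, SYN, RST, PSH, ACK, URG, ECE, CWR = (1 << i for i in range(8))

# Flags on the first probe, per Nmap's documented scan types.
FIRST_PROBE = {
    0: "NULL",
    FIN: "FIN",
    FIN | PSH | URG: "XMAS",
    FIN | ACK: "Maimon",
    ACK: "ACK or Window",  # same probe on the wire; they differ in how the reply is read
}

def hdr(flags, sport=40000, dport=80):
    """Build a constructed 20-byte TCP header (hypothetical ports, zero checksum)."""
    return struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, flags, 1024, 0, 0)

def tcp_flags(header):
    """Return the flag byte of a raw TCP header."""
    if len(header) < 20:
        raise ValueError("truncated TCP header")
    return header[13]

def classify(flow):
    """flow: ordered (sender, header) pairs for one flow; 'A' = initiator, 'V' = target."""
    probes = [tcp_flags(h) for s, h in flow if s == "A"]
    if not probes:
        return "no probe"
    first = probes[0] & ~(ECE | CWR)  # ECN bits do not change the scan type
    if first != SYN:
        return FIRST_PROBE.get(first, "unclassified")
    synack = any(s == "V" and (tcp_flags(h) & (SYN | ACK)) == (SYN | ACK) for s, h in flow)
    if not synack or len(probes) < 2:
        return "SYN or connect() (handshake not seen)"
    # After SYN/ACK: a half-open scan resets, connect() completes the handshake.
    if probes[1] & RST:
        return "SYN (half-open)"
    if probes[1] & ACK:
        return "connect()"  # indistinguishable from an ordinary client connection
    return "unclassified"

if __name__ == "__main__":
    # Constructed sample flows, not captured traffic.
    print(classify([("A", hdr(FIN | PSH | URG)), ("V", hdr(RST | ACK))]))
    print(classify([("A", hdr(SYN)), ("V", hdr(SYN | ACK)), ("A", hdr(RST))]))
```

A single connect() flow is ordinary traffic, so a detector built on this would alert on the rate of such flows across ports rather than on one match.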

More Related Content

More from hughpearse

HughPearseEsriTraining
HughPearseEsriTrainingHughPearseEsriTraining
HughPearseEsriTraininghughpearse
 
HughPearse-ACE-Forensics-Certification
HughPearse-ACE-Forensics-CertificationHughPearse-ACE-Forensics-Certification
HughPearse-ACE-Forensics-Certificationhughpearse
 
Prism-Proof Cloud Email Services
Prism-Proof Cloud Email ServicesPrism-Proof Cloud Email Services
Prism-Proof Cloud Email Serviceshughpearse
 
ACE forensics certification
ACE forensics certificationACE forensics certification
ACE forensics certificationhughpearse
 
Buffer overflow tutorial
Buffer overflow tutorialBuffer overflow tutorial
Buffer overflow tutorialhughpearse
 
Diffie-Hellman key exchange
Diffie-Hellman key exchangeDiffie-Hellman key exchange
Diffie-Hellman key exchangehughpearse
 
Metasploit cheat sheet
Metasploit cheat sheetMetasploit cheat sheet
Metasploit cheat sheethughpearse
 
Low Level Exploits
Low Level ExploitsLow Level Exploits
Low Level Exploitshughpearse
 

More from hughpearse (8)

HughPearseEsriTraining
HughPearseEsriTrainingHughPearseEsriTraining
HughPearseEsriTraining
 
HughPearse-ACE-Forensics-Certification
HughPearse-ACE-Forensics-CertificationHughPearse-ACE-Forensics-Certification
HughPearse-ACE-Forensics-Certification
 
Prism-Proof Cloud Email Services
Prism-Proof Cloud Email ServicesPrism-Proof Cloud Email Services
Prism-Proof Cloud Email Services
 
ACE forensics certification
ACE forensics certificationACE forensics certification
ACE forensics certification
 
Buffer overflow tutorial
Buffer overflow tutorialBuffer overflow tutorial
Buffer overflow tutorial
 
Diffie-Hellman key exchange
Diffie-Hellman key exchangeDiffie-Hellman key exchange
Diffie-Hellman key exchange
 
Metasploit cheat sheet
Metasploit cheat sheetMetasploit cheat sheet
Metasploit cheat sheet
 
Low Level Exploits
Low Level ExploitsLow Level Exploits
Low Level Exploits
 

Nmap flags table
