Cyberclopaedia
Reconnaissance
Enumeration
Port Scanning
FIN, NULL & XMAS Scans
index
Operation Security (OpSec)
SYN Scan
TCP Connect Scan
DNS Server Enumeration (53)
FTP Enumeration (21)
index
LDAP Enumeration (389, 636, 3268, 3269)
SNMP Enumeration (161)
Web Server Enumeration (80, 443)
index
index

SYN Scan

This is the type of scan which nmap defaults to when run with elevated privileges and is also also referred to as a "stealth scan". Nmap sends a SYN packet to the target, initiating a TCP connection. The target responds with SYN ACK, telling Nmap that the port is accessible. Finally, Nmap terminates the connection before it's finished by issuing an RST packet.

This type of scan can also be specified using the -sS option.

Despite its moniker, a SYN scan is no longer considered "stealthy" and is quite easily detected nowadays.
Table Of Contents
SYN Scan