Discovering hosts with TCP SYN ping scans

Ping scans are used to detect live hosts on a network. Nmap's default ping scan (-sP) uses a TCP ACK and an ICMP echo request to determine whether a host is responding, but if a firewall blocks these requests, the host will be missed. Fortunately, Nmap supports a technique called the TCP SYN ping scan, which is very handy in these situations because system administrators may have been more flexible with other firewall rules.

This recipe will talk about the TCP SYN ping scan and its related options.

How to do it...

Open your terminal and enter the following command:

$ nmap -sP -PS 192.168.1.1/24

You should see the list of hosts found using the TCP SYN ping scan:

$ nmap -sP -PS 192.168.1.1/24 
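How a SYN ping decides that a host is up, shown as an added example that is not from the book: a reply of SYN/ACK (port open) or RST (port closed) to the SYN probe both prove the host is alive, while silence means down or filtered. Port 80 is Nmap's default -PS probe port; the function names, addresses, ports and sequence numbers below are constructed for illustration.

```python
import struct

SYN, RST, ACK = 0x02, 0x04, 0x10
DEFAULT_PROBE_PORT = 80  # -PS with no port list probes TCP port 80


def tcp_header(src_port, dst_port, seq, ack, flags):
    """Pack a minimal 20-byte TCP header (no options, checksum left at 0)."""
    offset_and_flags = (5 << 12) | flags  # data offset = 5 32-bit words
    return struct.pack("!HHIIHHHH", src_port, dst_port, seq, ack,
                       offset_and_flags, 1024, 0, 0)


def classify_reply(reply, probe_port, probe_seq):
    """Interpret the TCP segment received after sending SYN(seq=probe_seq)."""
    if reply is None or len(reply) < 20:
        return "no-response"  # host down, or a filter silently dropped the probe
    src_port, _dst, _seq, ack, off_flags = struct.unpack("!HHIIH", reply[:14])
    flags = off_flags & 0x1FF
    expected_ack = (probe_seq + 1) & 0xFFFFFFFF  # a SYN consumes one sequence number
    # The reply must come from the probed port and acknowledge our SYN.
    if src_port != probe_port or not flags & ACK or ack != expected_ack:
        return "unrelated"
    if flags & RST:
        return "up (port closed)"  # RST still proves a TCP stack answered
    if flags & SYN:
        return "up (port open)"
    return "unrelated"


def live_hosts(replies, probe_port=DEFAULT_PROBE_PORT, probe_seq=0):
    """Return the sorted hosts whose reply proves they are alive."""
    return sorted(host for host, reply in replies.items()
                  if classify_reply(reply, probe_port, probe_seq).startswith("up"))


# Constructed sample replies (not captured traffic).
PROBE_SEQ = 0x1000
SAMPLE_REPLIES = {
    "192.168.1.1": tcp_header(80, 40000, 0x5000, PROBE_SEQ + 1, SYN | ACK),
    "192.168.1.10": tcp_header(80, 40000, 0, PROBE_SEQ + 1, RST | ACK),
    "192.168.1.20": None,  # firewall drops the SYN: indistinguishable from down
    "192.168.1.30": tcp_header(22, 40000, 0x7000, PROBE_SEQ + 1, SYN | ACK),
}

if __name__ == "__main__":
    for host, reply in SAMPLE_REPLIES.items():
        print(host, classify_reply(reply, DEFAULT_PROBE_PORT, PROBE_SEQ))
```

The third sample host is the case a firewall owner cares about: dropping the SYN silently gives the scanner nothing to classify, whereas rejecting it with a RST still reveals the host.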
