Discovering stateful firewalls by using a TCP ACK scan

The TCP ACK scanning technique sends packets with the ACK flag set to try to determine whether a port is filtered. This technique comes in handy when checking whether the firewall protecting a host is stateful or stateless.

This recipe shows how to perform TCP ACK port scanning by using Nmap.

How to do it...

Open your terminal and type the following command:

# nmap -sA <target>

The output follows the standard port format:

# nmap -sA 192.168.1.254


Nmap scan report for 192.168.1.254
Host is up (0.024s latency).
All 1000 scanned ports on 192.168.1.254 are unfiltered
MAC Address: 5C:4C:A9:F2:DC:7C (Huawei Device Co.)

How it works...

The argument -sA tells Nmap to launch a TCP ACK port scan against the target host. ...
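As an added example (not code from the book), the following shell function reads the normal output of an ACK scan and totals the two states Nmap reports: unfiltered, where the ACK probe drew a RST, and filtered, where it drew no reply or an ICMP error. A stateful firewall drops ACKs that belong to no tracked connection, so an all-filtered result is consistent with stateful filtering, while an all-unfiltered result like the one above means the probes reached the host. The function names, the verdict labels and the second sample are assumptions of this example, and other Nmap versions may word the summary lines differently.

```bash
#!/usr/bin/env bash
# Added example: summarise `nmap -sA` normal output read from stdin.
# Verdict labels are this example's own, not Nmap terminology.
ack_scan_summary() {
  awk '
    # "All 1000 scanned ports on <host> are unfiltered"
    /^All [0-9]+ scanned ports on .* are (un)?filtered/ { count[$NF] += $2; next }
    # "Not shown: 998 filtered ports"
    /^Not shown: [0-9]+ (un)?filtered/ { count[$4] += $3; next }
    # Per-port rows such as "22/tcp unfiltered ssh"
    /^[0-9]+\/tcp +(un)?filtered/ { count[$2]++; next }
    END {
      u = count["unfiltered"] + 0; f = count["filtered"] + 0
      if (u + f == 0)  v = "no-data"
      else if (f == 0) v = "acks-pass"      # every probe drew a RST
      else if (u == 0) v = "acks-dropped"   # consistent with stateful filtering
      else             v = "mixed"
      printf "unfiltered=%d filtered=%d verdict=%s\n", u, f, v
    }'
}

# The report shown in this recipe.
sample_page_output() {
  cat <<'EOF'
Nmap scan report for 192.168.1.254
Host is up (0.024s latency).
All 1000 scanned ports on 192.168.1.254 are unfiltered
MAC Address: 5C:4C:A9:F2:DC:7C (Huawei Device Co.)
EOF
}

# Constructed sample: most probes unanswered, two ports answered.
sample_mixed_output() {
  cat <<'EOF'
Nmap scan report for 192.0.2.10
Host is up (0.010s latency).
Not shown: 998 filtered ports
PORT   STATE      SERVICE
22/tcp unfiltered ssh
80/tcp unfiltered http
EOF
}

sample_page_output | ack_scan_summary
sample_mixed_output | ack_scan_summary
```

To audit a firewall you administer, pipe a saved report into the function, for example `ack_scan_summary < scan.txt`.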
