Network Probes Explained: Understanding Port Scans and Ping Sweeps

Listing 2. A Typical Nmap Scan

root@attacker# nmap -sS -O target.example.com

Starting nmap V. 2.53 by fyodor@insecure.org/
( http://www.insecure.org/nmap/ )
Interesting ports on target.example.com (192.168.0.2):
(The 1507 ports scanned but not shown below are
in state: closed)
Port       State       Service
21/tcp     open        ftp
22/tcp     open        ssh
23/tcp     open        telnet
25/tcp     open        smtp
37/tcp     open        time
79/tcp     open        finger
110/tcp    open        pop-3
111/tcp    open        sunrpc
113/tcp    open        auth
143/tcp    open        imap2
515/tcp    open        printer
901/tcp    open        samba-swat
2049/tcp   open        nfs
6000/tcp   open        X11
7100/tcp   open        font-service

TCP Sequence Prediction:
   Class=random positive increments
   Difficulty=2135704 (Good luck!)
Remote operating system guess:
Linux 2.1.122 - 2.2.14

Nmap run completed -- 1 IP address
(1 host up) scanned in 3 seconds