What is Port Scanning?
Port scanning is a method used by ethical hackers and penetration testers to identify open ports on a target system. Open ports indicate active services that may be vulnerable to exploitation. Port scanning is a foundational skill in network reconnaissance and vulnerability assessment.
📌 Types of Port Scans
1. TCP Connect Scan
Completes the full TCP handshake. Easy to detect but very reliable. Ideal for basic testing.
2. SYN Scan (Half-Open)
Fast and stealthy. Sends SYN, waits for SYN-ACK, and doesn’t complete the handshake. Default in Nmap when run as root.
3. UDP Scan
Used to detect services on UDP ports (like DNS, SNMP). Slower and less reliable due to lack of response from closed ports.
4. Stealth & Obfuscated Scans
Includes scans like FIN, Xmas, and Null. Used to bypass basic firewalls or logging systems.
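Seen from the defender's side, each scan type above leaves a different trace in connection logs. The following Python code is an added example, not part of the original guide; the flow-record format, the IP addresses and the min_ports threshold are assumptions constructed for illustration.

```python
from collections import defaultdict

# Constructed flow records (not from a real capture):
# (source IP, destination port, flags on the first packet, how the exchange ended)
#   "completed" = full three-way handshake
#   "half_open" = SYN, SYN-ACK, then RST from the source instead of ACK
#   "refused"   = target answered RST (closed port)
#   "no_reply"  = nothing came back
SAMPLE_FLOWS = (
    [("10.0.0.5", p, {"SYN"}, "refused") for p in (21, 23, 25, 110, 8080)]
    + [("10.0.0.5", 22, {"SYN"}, "half_open"), ("10.0.0.5", 80, {"SYN"}, "half_open")]
    + [("10.0.0.9", p, {"SYN"}, "refused") for p in (21, 23, 25, 110, 8080)]
    + [("10.0.0.9", 22, {"SYN"}, "completed"), ("10.0.0.9", 80, {"SYN"}, "completed")]
    + [("10.0.0.20", 443, {"SYN"}, "completed")] * 3  # ordinary client, one port
    + [("10.0.0.30", 22, {"FIN", "PSH", "URG"}, "no_reply"),
       ("10.0.0.31", 22, set(), "no_reply"),
       ("10.0.0.32", 22, {"FIN"}, "no_reply")]
)

# First-packet flag sets that never start a legitimate TCP connection.
ODD_FLAGS = {frozenset(): "null", frozenset({"FIN"}): "fin",
             frozenset({"FIN", "PSH", "URG"}): "xmas"}

def detect_scans(flows, min_ports=5):
    """Return {source: scan type} for sources that look like port scanners."""
    ports, outcomes, findings = defaultdict(set), defaultdict(set), {}
    for src, dport, flags, outcome in flows:
        odd = ODD_FLAGS.get(frozenset(flags))
        if odd:  # FIN/Null/Xmas: a single such packet is already anomalous
            findings[src] = odd
            continue
        ports[src].add(dport)
        outcomes[src].add(outcome)
    for src, seen in ports.items():
        if src in findings or len(seen) < min_ports:
            continue  # too few distinct ports to call it a scan
        if "half_open" in outcomes[src]:
            findings[src] = "syn"        # open ports answered, handshake abandoned
        elif "completed" in outcomes[src]:
            findings[src] = "connect"    # open ports got a full handshake
        else:
            findings[src] = "tcp-sweep"  # many ports probed, none seen open
    return findings

if __name__ == "__main__":
    for src, kind in sorted(detect_scans(SAMPLE_FLOWS).items()):
        print(f"{src}: {kind} scan")
```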
🧠 Step-by-Step Port Scanning Guide
Step 1: Choose Your Tool
- Nmap – Most popular and powerful scanner
- Masscan – Lightning-fast scanner for large IP ranges
- Netcat – Manual port connection testing
Step 2: Define the Target
Identify the IPs or domain names that are in scope. For large networks, use CIDR notation (e.g., 192.168.0.0/24).
Step 3: Run Initial Scan
nmap -sS -p- -T4 192.168.1.1
-sS = SYN scan (stealthy)
-p- = Scan all 65535 ports
-T4 = Faster execution (be cautious in production)
Step 4: Service and Version Detection
nmap -sV -sC -p 22,80,443 192.168.1.1
-sV = Detect service versions
-sC = Run default Nmap scripts
-p = Specify ports manually
Step 5: Save Results
nmap -oN scan_results.txt 192.168.1.1
🌐 Real-World Example
# Scan a public server for open ports and services
nmap -sS -sV -T4 scanme.nmap.org
# Masscan to find open ports quickly
masscan 192.168.1.0/24 -p1-65535 --rate=10000
# Netcat to test connectivity manually
nc -v 192.168.1.1 80
💡 Pro Tips
- Use a VPN or lab environment when scanning external targets
- Always scan all ports (-p-) before deep analysis
- Document discovered services and unusual ports for further testing
- Use version detection cautiously—some services may crash