Nmap Basic Port Scans
With a list of live hosts in hand, you move to the next phase: port scanning. Knowing which ports are open reveals what services are running and what attack surface exists. This room covers the three fundamental scan types: TCP Connect (the safe, unprivileged scan), TCP SYN (the stealthy, root-required scan), and UDP (the slow but necessary scan for DNS, SNMP, and DHCP). You'll also learn how to fine-tune scan scope, speed, and parallelism to adapt to different engagement constraints.
Skills You Will Learn
Prerequisites
- thm-nmap01
- networking-basics
- tcp-ip-fundamentals
- host-discovery
Walkthrough Phases
Port Scan Fundamentals
Understand the six port states Nmap reports and what each means operationally
TCP Connect and TCP SYN Scans
Master the two primary TCP scan types and understand when to use each
UDP Scanning
Scan UDP services that TCP scans miss entirely
Fine-Tuning Scan Parameters
Control port ranges, timing, and parallelism for different engagement scenarios