Nmap from Scratch | Part-3 | Discovering hosts

Hey, I hope ya’ll are doing well, in this blog we will cover different scanning techniques to discover hosts .

- sL ( List Scan )

List scan is used to discover all the available hosts on a network without actually interacting with the target host, it does not perform a port scan, list scan is usually used in the enumeration phases to know what all hosts are available on the network.

- sn ( Ping Scan )

The main purpose of ping scan is to check whether the target host is alive or not, these scans are often blocked by firewalls in most of the cases generating false negatives, but it’s also one of the less invasive type of scan, and it does not perform any port scan.

- Pn ( Skip host discovery )

There are cases when the ping scan often get’s blocked by the firewall and as a result nmap shows us the host as down even though it’s up, so to circumvent this, Pn option is used which basically skips the ping scan and straightaway perform the port scan.

The above scans will do for majority of the cases but there might be cases when firewall would block the ping scan and nmap will generate false negatives that’s when the other options comes into play, some of them are.

-PS [ Ping scan with SYN flag ]
-PA [ Ping scan with ACK flag ]
-PU [ UDP ping scan ]
-n [ Never do DNS resolution ]
-PR [ ARP scan only ]
We can even use port number with the ping scan for example we can write:
nmap -PS80 nmap.scanme.org [ Perform ping scan on port 80 ]

This is it for this blog, we’ll cover different scanning techniques in the next blog. If you feel this blog needs any correction, ping me at A3h1nt .




Infosec Enthusiast | Student

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

On demand Minecraft Server with Terraform and Digital Ocean

Adding Packed-Boolean Initializers

Introduction to Create Own Python Packages

Summer Internship Experience

Strategy design pattern — Java

First Bad Version-LeeCode.

Lambdas vs Local Functions What’s the Difference

A Beginner’s Guide to Containers and Dockers

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store


Infosec Enthusiast | Student

More from Medium

Beware The XSS Attack

How I Used OSINT to Find an Abandoned Hotel

Passive Information Gathering

This is part 2 of the reverse engineering ippsRSA library to induce faults.