Why would a penetration tester use the nmap -sF command?

  • Post author:
  • Post category:Blog
  • Reading time:1 mins read
  • Post last modified:June 12, 2024

Why would a penetration tester use the nmap -sF command?

  • when a TCP SYN scan is detected by a network filter or firewall 
  • when the tester wants to conclude the scan 
  • when a TCP SYN scan reports more than one open port 
  • when the tester needs to time stamp the scan

Explanation & Hint:

When a network filter or firewall detects a TCP SYN scan, a TCP FIN scan will send a FIN packet to a target port. TCP FIN packets are typically allowed through firewalls and filters.

For more Questions and Answers:

3.5.3 Quiz – Information Gathering and Vulnerability Scanning Answers Full 100%

Subscribe
Notify of
guest
0 Comments
Newest
Oldest Most Voted
Inline Feedbacks
View all comments