Kali Linux 2018:Assuring Security by Penetration Testing
上QQ阅读APP看书,第一时间看更新

Nmap half-open/stealth scan

This option will start by sending (SYN) a connection on each port on a target host. If the port is open, the host will reply to the request with (SYN, ACK).

If the port is not open (that is, closed), the host will answer with a connection reset (RST).
If no response is received, it is assumed that the port is filtered. The difference between a TCP scan and a stealth scan is that the connection initiator will not respond with an acknowledgement (ACK) packet. What makes this an effective scan is that since a full connection wasn't established it won't be logged.