This is the eleventh post detailing my notes on Nmap Network Scanning.
The TCP ACK scan (-sA) does not determine whether ports are open or closed; it is designed to map firewall rules and discover whether they are stateful.
If an RST is received in response to the probe, which is what should happen according to the RFC, the port is labelled “unfiltered”.
Ports that don’t respond, or that return ICMP error messages, are labelled “filtered”.
ACK packets are more difficult for the target to filter because, unlike SYN packets, they do not reveal who initiated the contact. Only stateful firewalls can block unsolicited ACK packets.
~# nmap -sA scanme.nmap.org
Starting Nmap 6.25 ( http://nmap.org ) at 2013-07-06 16:04 BST
Nmap scan report for scanme.nmap.org (74.207.244.221)
Host is up (0.042s latency).
Not shown: 998 filtered ports
PORT STATE SERVICE
554/tcp unfiltered rtsp
7070/tcp unfiltered realserver
Nmap done: 1 IP address (1 host up) scanned in 16.70 seconds
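
An added example, not part of the original notes: a small Python parser for -sA output like the scan above, listing the ports where an unsolicited ACK drew an RST, which is the thing to look for when checking that your own firewall rules are stateful. The function names are illustrative, and it assumes the normal-output layout shown here for Nmap 6.25.

```python
import re

# Output of the scan shown above, embedded so the example runs offline.
SAMPLE = """\
Starting Nmap 6.25 ( http://nmap.org ) at 2013-07-06 16:04 BST
Nmap scan report for scanme.nmap.org (74.207.244.221)
Host is up (0.042s latency).
Not shown: 998 filtered ports
PORT STATE SERVICE
554/tcp unfiltered rtsp
7070/tcp unfiltered realserver
Nmap done: 1 IP address (1 host up) scanned in 16.70 seconds
"""

PORT_RE = re.compile(r"^(\d+)/tcp\s+(unfiltered|filtered)\s+(\S+)")
HIDDEN_RE = re.compile(r"^Not shown: (\d+) (unfiltered|filtered) (?:tcp )?ports")


def parse_ack_scan(text):
    """Return (listed, hidden): listed maps port -> (state, service);
    hidden maps state -> count taken from the 'Not shown' summary line."""
    listed, hidden = {}, {}
    for line in text.splitlines():
        line = line.strip()
        m = PORT_RE.match(line)
        if m:
            listed[int(m.group(1))] = (m.group(2), m.group(3))
            continue
        m = HIDDEN_RE.match(line)
        if m:
            hidden[m.group(2)] = int(m.group(1))
    return listed, hidden


def ack_passthrough(text):
    """Ports where the ACK probe got an RST back, so no stateful rule
    dropped it. Returns a sorted list, or None when Nmap hid the
    unfiltered majority in the summary line and only listed the
    filtered ports (the port numbers are then not recoverable)."""
    listed, hidden = parse_ack_scan(text)
    if hidden.get("unfiltered"):
        return None
    return sorted(p for p, (state, _) in listed.items() if state == "unfiltered")
```

For the scan above, `ack_passthrough(SAMPLE)` reports ports 554 and 7070, with the other 998 ports accounted for by the "Not shown" summary.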