Sunday, June 16, 2019

Nmap questions and switches

You want to perform a ping sweep of a subnet within your target organization. Which of the following nmap command lines is your best option?

A.   nmap 192.168.1.0/24
B.   nmap -sT 192.168.1.0/24 - TCP connect scan
C.   nmap -sP 192.168.1.0/24 - Ping sweep
D.   nmap -P0 192.168.1.0/24 - Scan without ping (ICMP)


C. The -sP switch within nmap is designed for a ping sweep. Nmap syntax is fairly straightforward: nmap <scan options> <target>. If you don't define a switch, nmap performs a basic enumeration scan of the targets. The switches, though, provide the real power with this tool.


A is incorrect because this syntax will not perform a ping sweep. This syntax will run a basic scan against the entire subnet.

B is incorrect because the -sT switch does not run a ping sweep. It stands for a TCP Connect scan, which is the slowest—but most productive and loud—scan option.

D is incorrect because this syntax will not perform a ping sweep. The -P0 switch actually runs the scan without ping (ICMP). This is a good switch to use when you don't seem to be getting responses from your targets. It forces nmap to start the scan even if it thinks that the target doesn't exist (which is useful if the computer is blocked by a firewall).
