During a TCP reconnaissance phase you run an Nmap scan and notice that several target ports are marked open|filtered, while others appear simply as filtered. This result indicates that the probe elicited no response, so the port might be open or silently dropped by a firewall. Which Nmap scanning option most commonly produces this ambiguous state?
The TCP FIN scan (invoked with the -sF switch) sends a packet with only the FIN flag set. By TCP standards, closed ports reply with an RST, but open ports ignore the packet. If nothing is heard back, Nmap cannot tell whether the port is truly open or whether a firewall filtered the probe, so it categorizes the port as open|filtered. SYN (-sS) and full-connect (-sT) scans usually receive clear SYN/ACK or RST responses that let Nmap decide between open and closed. ACK scans (-sA) distinguish only filtered versus unfiltered and do not label ports open|filtered. Hence, the FIN scan is the technique that most often yields the open|filtered state.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
How does a TCP FIN scan work in port enumeration?
Open an interactive chat with Bash
Why does the open|filtered state occur during a FIN scan?
Open an interactive chat with Bash
What makes FIN scans different from SYN or ACK scans in Nmap?
Open an interactive chat with Bash
What is a TCP FIN scan?
Open an interactive chat with Bash
How does Nmap distinguish between open, filtered, and open|filtered ports?
Open an interactive chat with Bash
Why is the TCP FIN scan considered stealthy?
Open an interactive chat with Bash
Certified Ethical Hacker (CEH)
Reconnaissance Techniques
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99
$19.99/mo
Billed monthly, Cancel any time.
3 Month Pass
$44.99
$14.99/mo
One time purchase of $44.99, Does not auto-renew.
MOST POPULAR
Annual Pass
$119.99
$9.99/mo
One time purchase of $119.99, Does not auto-renew.
BEST DEAL
Lifetime Pass
$189.99
One time purchase, Good for life.
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .