A security consultant is examining a server that blocks standard connection attempts. The consultant wants to confirm open ports by sending partial requests that elicit acknowledgment without completing a full exchange. Which scanning approach accomplishes this goal?
The scanning approach uses an initial request without establishing the entire three-way handshake. When an open port receives the partial request, it sends an acknowledgment, which indicates the port is active. Approaches relying on different flags do not receive the same direct confirmation. The three-way handshake approach fails if filters prevent the final exchange. FIN-based or other flag-based approaches can confuse some targets or not elicit the needed response.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is the SYN half-open scanning method?
Open an interactive chat with Bash
Why is the three-way handshake not ideal for port scanning?
Open an interactive chat with Bash
What is the difference between SYN half-open scanning and FIN-based scanning?