![]() When network admin will capture the incoming traffic he will get a packet for TCP-PSH flag, here we have used Wireshark for network packet analysis and we found that it is showing TCP-PSH packet for hex value 0x08 coming from 192.168.1.104 on port 21 as shown in given below image. Now execute given below command for enumerating state of any port, here we want to identify state for port 21. In this scan, we are sending the PSH flag of the tcp by using its hexadecimal value on the target machine to enumerate the state of ports is open, closed or filtered. When network admin will capture the incoming traffic he will get a packet for TCP-RST flag, here we have used Wireshark for network packet analysis and we found that it is showing TCP-RST packet for hex value 0x04 coming from 192.168.1.104 on port 21 as shown in given below image. In this scan, we are sending the RST flag of the tcp by using its hexadecimal value on the target machine to enumerate the state of ports is open, closed or filtered. RST flag is used to reset the connection between the sender machine and the target machine. When network admin will capture the incoming traffic he will get a packet for TCP-SYN flag, here we have used Wireshark for network packet analysis and we found that it is showing TCP-SYN packet for hex value 0x02 coming from 192.168.1.104 on port 21 as shown in given below image. nmap -p21 -scanflags 0x02 192.168.1.103įrom given below image you can observe we have successfully found port 21 open. In this scan, we are sending the SYN flag of the tcp by using its hexadecimal value on the target machine to enumerate the state of ports is open, closed or filtered. TCP-SYN flag always initiates communication to establish a connection with the target network. When network admin will capture the incoming traffic he will get a packet for TCP-FIN flag, here we have used Wireshark for network packet analysis and we found that it is showing TCP-FIN packet for hex value 0x01 coming from 192.168.1.104 on port 21 as shown in given below image. In this scan, we are sending the FIN flag of the tcp by using its hexadecimal value on the target machine to enumerate the state of ports is open, closed or filtered. TCP-FIN flag always used for finishing the communication with the target network. When network admin will capture the incoming traffic he will get a packet for TCP-NONE flag, here we have used Wireshark for network packet analysis and we found that it is showing TCP-NONE packet for hex value 0x00 coming from 192.168.1.104 on port 21 as shown in given below image. nmap -p21 -scanflags 0x00 192.168.1.103įrom given below image you can observe we have found port 21 filtered. In this scan, we are sending the NONE flag of the tcp by using its hexadecimal value on the target machine to enumerate the state of ports is open, closed or filtered. Let’s have a look over Hex value of TCP Flag in given below table which we are going to use in Nmap for port enumeration. In this article, we are going to scan the target machine by sending TCP flags through their hexadecimal value and the actual Flag name can be confirmed by analysis of Nmap traffic through Wireshark.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |