Discover Folder Page
The discover page lets you choose the discovery method to use with nmap. The following picture
shows a screenshot of the dicover page:

The following methods are supported:
- TCP Ping: Use TCP "ping" to determine what hosts are up.
Instead of sending ICMP echo request packets and
waiting for a response, we spew out TCP ACK packets
throughout the target network (or to a single
machine) and then wait for responses to trickle
back. Hosts that are up should respond with a RST.
This option preserves the efficiency of only scan
ning hosts that are up while still allowing you to
scan networks/hosts that block ping packets. For
non root users, we use connect(). To set the des
tination port of the probe packets use -PT<port
number>. The default port is 80, since this port
is often not filtered out.
- ICMP+TCP: This is the default ping type. It uses both the
ACK ( -PT ) and ICMP ( -PI ) sweeps in parallel.
This way you can get firewalls that filter either
one (but not both). The TCP probe destination port
can be set in the same manner as with -PT above.
- ICMP:This option uses a true ping (ICMP echo request)
packet. It finds hosts that are up and also looks
for subnet-directed broadcast addresses on your
network. These are IP addresses which are exter
nally reachable and translate to a broadcast of
incomming IP packets to a subnet of computers.
These should be eliminated if found as they allow
for numerous denial of service attacks (Smurf is
the most common).
- Don't Ping: Do not try and ping hosts at all before scanning
them. This allows the scanning of networks that
don't allow ICMP echo requests (or responses)
through their firewall. microsoft.com is an exam
ple of such a network, and thus you should always
use -P0 or -PT80 when portscanning microsoft.com.
Copyright © JV Software