🍡TCP Connect Scans

An introduction to TCP's three-way handshake.

The client sends the server a SYN flag, the server replies with a SYN and ACK, and then the client replies back with an ACK. Nmap uses this to connect to the specified port and uses that information to determine whether or not the port is open.

If the port is closed, the target server will reply back with an RST.

There is a third possibility, however, being that the port is open but behind a firewall. Many firewalls are configured to drop incoming packets, which means that if Nmap recieves nothing back, it will determine that the port is being protected by a firewall.

They use the switch -sT.