mirror of
https://github.com/nmap/nmap.git
synced 2025-12-06 04:31:29 +00:00
Fix refguide indexterms mucking with manpage again. Fixes #463 [ci skip]
This commit is contained in:
dmiller
22
docs/nmap.1
22
docs/nmap.1
@@ -2,12 +2,12 @@
|
||||
.\" Title: nmap
|
||||
.\" Author: [see the "Author" section]
|
||||
.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/>
|
||||
.\" Date: 07/19/2016
|
||||
.\" Date: 07/22/2016
|
||||
.\" Manual: Nmap Reference Guide
|
||||
.\" Source: Nmap
|
||||
.\" Language: English
|
||||
.\"
|
||||
.TH "NMAP" "1" "07/19/2016" "Nmap" "Nmap Reference Guide"
|
||||
.TH "NMAP" "1" "07/22/2016" "Nmap" "Nmap Reference Guide"
|
||||
.\" -----------------------------------------------------------------
|
||||
.\" * Define some portability stuff
|
||||
.\" -----------------------------------------------------------------
|
||||
@@ -729,32 +729,38 @@ filtered\&.
|
||||
.PP
|
||||
\fBThe six port states recognized by Nmap\fR
|
||||
.PP
|
||||
.\" open port state open
|
||||
open
|
||||
.\" open port state
|
||||
.RS 4
|
||||
An application is actively accepting TCP connections, UDP datagrams or SCTP associations on this port\&. Finding these is often the primary goal of port scanning\&. Security\-minded people know that each open port is an avenue for attack\&. Attackers and pen\-testers want to exploit the open ports, while administrators try to close or protect them with firewalls without thwarting legitimate users\&. Open ports are also interesting for non\-security scans because they show services available for use on the network\&.
|
||||
.RE
|
||||
.PP
|
||||
.\" closed port state closed
|
||||
closed
|
||||
.\" closed port state
|
||||
.RS 4
|
||||
A closed port is accessible (it receives and responds to Nmap probe packets), but there is no application listening on it\&. They can be helpful in showing that a host is up on an IP address (host discovery, or ping scanning), and as part of OS detection\&. Because closed ports are reachable, it may be worth scanning later in case some open up\&. Administrators may want to consider blocking such ports with a firewall\&. Then they would appear in the filtered state, discussed next\&.
|
||||
.RE
|
||||
.PP
|
||||
.\" filtered port state filtered
|
||||
filtered
|
||||
.\" filtered port state
|
||||
.RS 4
|
||||
Nmap cannot determine whether the port is open because packet filtering prevents its probes from reaching the port\&. The filtering could be from a dedicated firewall device, router rules, or host\-based firewall software\&. These ports frustrate attackers because they provide so little information\&. Sometimes they respond with ICMP error messages such as type 3 code 13 (destination unreachable: communication administratively prohibited), but filters that simply drop probes without responding are far more common\&. This forces Nmap to retry several times just in case the probe was dropped due to network congestion rather than filtering\&. This slows down the scan dramatically\&.
|
||||
.RE
|
||||
.PP
|
||||
.\" unfiltered port state unfiltered
|
||||
unfiltered
|
||||
.\" unfiltered port state
|
||||
.RS 4
|
||||
The unfiltered state means that a port is accessible, but Nmap is unable to determine whether it is open or closed\&. Only the ACK scan, which is used to map firewall rulesets, classifies ports into this state\&. Scanning unfiltered ports with other scan types such as Window scan, SYN scan, or FIN scan, may help resolve whether the port is open\&.
|
||||
.RE
|
||||
.PP
|
||||
.\" open|filtered port state open|filtered
|
||||
open|filtered
|
||||
.\" open|filtered port state
|
||||
.RS 4
|
||||
Nmap places ports in this state when it is unable to determine whether a port is open or filtered\&. This occurs for scan types in which open ports give no response\&. The lack of response could also mean that a packet filter dropped the probe or any response it elicited\&. So Nmap does not know for sure whether the port is open or being filtered\&. The UDP, IP protocol, FIN, NULL, and Xmas scans classify ports this way\&.
|
||||
.RE
|
||||
.PP
|
||||
.\" closed|filtered port state closed|filtered
|
||||
closed|filtered
|
||||
.\" closed|filtered port state
|
||||
.RS 4
|
||||
This state is used when Nmap is unable to determine whether a port is closed or filtered\&. It is only used for the IP ID idle scan\&.
|
||||
.RE
|
||||
|
||||
@@ -1031,9 +1031,9 @@ options from across the Internet might show that port as <literal>filtered</lite
|
||||
|
||||
<variablelist><title>The six port states recognized by Nmap</title>
|
||||
|
||||
<varlistentry><term>
|
||||
<varlistentry><term>open
|
||||
<indexterm><primary><literal>open</literal> port state</primary></indexterm>
|
||||
open</term>
|
||||
</term>
|
||||
<listitem><para>An application is actively accepting TCP
|
||||
connections, UDP datagrams or SCTP associations on this port.
|
||||
Finding these is often the primary goal of port scanning.
|
||||
@@ -1045,9 +1045,9 @@ options from across the Internet might show that port as <literal>filtered</lite
|
||||
services available for use on the network.
|
||||
</para></listitem></varlistentry>
|
||||
|
||||
<varlistentry><term>
|
||||
<varlistentry><term>closed
|
||||
<indexterm><primary><literal>closed</literal> port state</primary></indexterm>
|
||||
closed</term>
|
||||
</term>
|
||||
|
||||
<listitem><para>A closed port is accessible (it receives and
|
||||
responds to Nmap probe packets), but there is no application
|
||||
@@ -1059,9 +1059,9 @@ options from across the Internet might show that port as <literal>filtered</lite
|
||||
appear in the filtered state, discussed next.
|
||||
</para></listitem></varlistentry>
|
||||
|
||||
<varlistentry><term>
|
||||
<varlistentry><term>filtered
|
||||
<indexterm><primary><literal>filtered</literal> port state</primary></indexterm>
|
||||
filtered</term>
|
||||
</term>
|
||||
|
||||
<listitem><para>Nmap cannot determine whether the port is open
|
||||
because packet filtering prevents its probes from reaching the port.
|
||||
@@ -1075,9 +1075,9 @@ options from across the Internet might show that port as <literal>filtered</lite
|
||||
in case the probe was dropped due to network congestion rather than
|
||||
filtering. This slows down the scan dramatically.</para></listitem></varlistentry>
|
||||
|
||||
<varlistentry><term>
|
||||
<varlistentry><term>unfiltered
|
||||
<indexterm><primary><literal>unfiltered</literal> port state</primary></indexterm>
|
||||
unfiltered</term>
|
||||
</term>
|
||||
<listitem><para>The unfiltered state means that a port is accessible,
|
||||
but Nmap is unable to determine whether it is open or closed. Only
|
||||
the ACK scan, which is used to map firewall rulesets, classifies
|
||||
@@ -1086,9 +1086,9 @@ options from across the Internet might show that port as <literal>filtered</lite
|
||||
whether the port is open.
|
||||
</para></listitem></varlistentry>
|
||||
|
||||
<varlistentry><term>
|
||||
<varlistentry><term>open|filtered
|
||||
<indexterm><primary><literal>open|filtered</literal> port state</primary></indexterm>
|
||||
open|filtered</term>
|
||||
</term>
|
||||
<listitem><para>Nmap places ports in this state when it is unable to
|
||||
determine whether a port is open or filtered. This occurs for scan
|
||||
types in which open ports give no response. The lack of
|
||||
@@ -1098,9 +1098,9 @@ options from across the Internet might show that port as <literal>filtered</lite
|
||||
FIN, NULL, and Xmas scans classify ports this
|
||||
way.</para></listitem></varlistentry>
|
||||
|
||||
<varlistentry><term>
|
||||
<varlistentry><term>closed|filtered
|
||||
<indexterm><primary><literal>closed|filtered</literal> port state</primary></indexterm>
|
||||
closed|filtered</term>
|
||||
</term>
|
||||
<listitem><para>This state is used when Nmap is unable to determine
|
||||
whether a port is closed or filtered. It is only used for the IP ID
|
||||
idle scan.</para></listitem></varlistentry>
|
||||
|
||||
Reference in New Issue
Block a user