What is stealth scan please

I could not find any website about this
Please help
Thanks
Jean
jean11 Asked:
DarkFish Commented:
I assume you mean the process of scanning a target (e.g. computer or router) multiple times on specific ports or port ranges to see if the target responds in any manner, and if so in a manner that might reveal a vulnerability within the target.

For example someone could scan your computer's IP address on the Internet to see if it responds to specific requests on a port range; if it did then they could identify that there was a target there; the stealth element is to try and ensure that the target is essentially "invisible" by not responding to any requests on any port without proper protocol.
Lazarus Commented:
A Stealth scan can refer to more than one type of scan.

Half-Open or SYN scan: Instead of completing the full TCP three-way handshake, a full connection is not made. A SYN packet is sent to the system and if a SYN/ACK packet is received it is assumed that the port on the system is active. In that case a RST/ACK will be sent which will determine the listening state the system is in. If a RST/ACK packet is received, it is assumed that the port on the system is not active.

FIN scan: According to RFC 793 a system should send back an RST for all TCP ports closed when they receive a FIN packet for a specific port.

XMAS tree scan: According to RFC 793 a system should send back an RST for all TCP ports closed when they receive a FIN/URG/PUSH packet for a specific port.

NULL scan: According to RFC 793 a system should send back an RST for all TCP ports closed when they receive a packet without any specified IP flags for a specific port.

Slow scan: Any of the above scans could be used as a slow scan. A slow scan is when the attacker sends packets at a very slow rate. Sometimes these scans can be conducted over hours, days, or weeks. The idea is since they are so slow, the victim's security measures won't "notice" the scan.
jahboite Commented:
lazarus98 provides an excellent answer and I would merely add that "Stealth Scan" most commonly refers to the SYN (Half-Open) scan and that the word "Stealth" refers to the fact that, as the three-way handshake is never completed and a full connection is never established, the scan is less likely to be logged by packet aware applications (e.g. firewalls) on the target.
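A defender-side illustration of the two answers above, added here as an example and not code posted in the thread: it classifies packets by the TCP flag patterns Lazarus lists (NULL, FIN, XMAS, SYN), flags a source whose SYNs are never followed by a completing ACK (jahboite's "handshake never completed" point) and flags probes spread over a long period as a slow scan. The packet records, IP addresses and port lists are constructed sample input, and the thresholds are assumptions.

```python
from collections import defaultdict
# TCP flag bits in header order (RFC 793); a packet's flags are OR-ed together
FIN, SYN, RST, PSH, ACK, URG = 0x01, 0x02, 0x04, 0x08, 0x10, 0x20

def classify_probe(flags):
    """Map a packet's TCP flags to the probe type named in the answers above, else None."""
    if flags == 0:
        return "NULL"            # no flags set at all
    if flags == FIN:
        return "FIN"
    if flags == FIN | PSH | URG:
        return "XMAS"            # FIN, URG and PUSH lit up together
    if flags == SYN:
        return "SYN"             # a real connection attempt or a half-open probe
    return None

def detect_scans(packets, min_ports=5, slow_after=600):
    """packets: (timestamp_seconds, src_ip, dst_port, flags) tuples, e.g. parsed from a firewall log.
    Reports each source that probed >= `min_ports` distinct ports: probe types seen, whether its
    SYNs never got a completing ACK (half-open), and whether they spanned > `slow_after` s (slow)."""
    seen = defaultdict(lambda: {"types": set(), "ports": set(), "ts": [],
                                "synp": set(), "ackp": set()})
    for ts, src, port, flags in packets:
        s = seen[src]
        kind = classify_probe(flags)
        if flags & ACK and not flags & SYN:
            s["ackp"].add(port)  # third handshake step: this connection really completed
        elif kind is not None:
            s["types"].add(kind)
            s["ports"].add(port)
            s["ts"].append(ts)
            if kind == "SYN":
                s["synp"].add(port)
    report = {}
    for src, s in seen.items():
        if len(s["ports"]) < min_ports:
            continue
        report[src] = {"types": sorted(s["types"]), "ports": len(s["ports"]),
                       "half_open": bool(s["synp"]) and not (s["synp"] & s["ackp"]),
                       "slow": max(s["ts"]) - min(s["ts"]) > slow_after}
    return report

# Constructed sample (assumed addresses): a fast SYN sweep, a multi-hour XMAS sweep,
# and a monitoring host that opens and completes real connections to six services
SAMPLE = (
    [(100 + i, "10.0.0.5", 20 + i, SYN) for i in range(10)]
    + [(3600 * i, "10.0.0.9", p, FIN | PSH | URG) for i, p in enumerate([21, 22, 25, 80, 443])]
    + [(500 + i, "10.0.0.7", p, f) for i, p in enumerate([22, 80, 443, 8080, 8443, 9090]) for f in (SYN, ACK)]
)
```

Running `detect_scans(SAMPLE)` reports the SYN sweep as half-open, the XMAS sweep as slow, and the monitoring host as neither, because its connections were completed.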