312-50V10 · Question #698
Trinity needs to scan all hosts on a /16 network for TCP port 445 only. What is the fastest way she can accomplish this with Nmap? Stealth is not a concern.
The correct answer is A. nmap -p 445 -n -T4 -open 10.1.0.0/16. The fastest Nmap command for scanning a single TCP port across a large subnet combines targeted port specification, disabled DNS resolution, and aggressive timing. Since stealth is not a concern, maximum speed flags can be applied freely.
Question
Trinity needs to scan all hosts on a /16 network for TCP port 445 only. What is the fastest way she can accomplish this with Nmap? Stealth is not a concern.
Options
- Anmap -p 445 -n -T4 -open 10.1.0.0/16
- Bnmap -p 445 -max -Pn 10.1.0.0/16
- Cnmap -sn -sF 10.1.0.0/16 445
- Dnmap -s 445 -sU -T5 10.1.0.0/16
How the community answered
(69 responses)- A75% (52)
- B4% (3)
- C6% (4)
- D14% (10)
Why each option
The fastest Nmap command for scanning a single TCP port across a large subnet combines targeted port specification, disabled DNS resolution, and aggressive timing. Since stealth is not a concern, maximum speed flags can be applied freely.
The flag -p 445 limits the scan strictly to TCP port 445, -n disables DNS resolution to eliminate lookup delays across all 65,536 hosts in the /16 subnet, and -T4 sets aggressive timing to accelerate probe rates. Together these options produce the fastest complete TCP port 445 scan of the network without introducing unnecessary overhead from host discovery or name resolution.
-max is not a valid Nmap flag, making this command syntactically incorrect and non-functional as written.
-sn performs a ping sweep with no port scanning at all, so combining it with -sF and a port number does not produce a valid port 445 scan.
-s 445 is not a recognized Nmap flag, and -sU specifies a UDP scan rather than the TCP scan required to check port 445.
Concept tested: Nmap flags for fast targeted TCP port scanning
Source: https://nmap.org/book/man-briefoptions.html
Topics
Community Discussion
No community discussion yet for this question.