🟢Port Status

There are a total of 6 different states for a scanned port we can obtain:




This indicates that the connection to the scanned port has been established. These connections can be TCP connections, UDP datagrams as well as SCTP associations.


When the port is shown as closed, the TCP protocol indicates that the packet we received back contains an RST flag. This scanning method can also be used to determine if our target is alive or not.


Nmap cannot correctly identify whether the scanned port is open or closed because either no response is returned from the target for the port or we get an error code from the target.


This state of a port only occurs during the TCP-ACK scan and means that the port is accessible, but it cannot be determined whether it is open or closed.


If we do not get a response for a specific port, Nmap will set it to that state. This indicates that a firewall or packet filter may protect the port.


This state only occurs in the IP ID idle scans and indicates that it was impossible to determine if the scanned port is closed or filtered by a firewall.

sudo nmap -p 21 --packet-trace -Pn -n --disable-arp-ping

Last updated