Linux – Nmap: what is the difference between “nmap ” and “nmap -sS “

linuxnetworkingSecurityUbuntuunix

This is an extremely basic question but also one I can't really seem to find an answer for, despite looking through the nmap documentation (man, online, and google).

My question is, what is the difference between doing nmap <target> and nmap -sS <target>, for example? I know that -sS is a TCP SYN scan, but I guess what I am not sure of is how/why this differs from just scanning ports using nmap <target>?

Best Answer

There is no difference. Per the man page -sS is the default scan type (usually.. see the man page for exceptions). I've confirmed this with a tcpdump.

Related Solutions

Difference Between ‘unlink’ and ‘rm’ in Linux

Both are a wrapper to the same fundamental function which is an unlink() system call.

To weigh up the differences between the userland utilies.

rm(1):

More options.
More feedback.
Sanity checking.
A bit slower for single calls as a result of the above.
Can be called with multiple arguments at the same time.

unlink(1):

Less sanity checking.
Unable to delete directories.
Unable to recurse.
Can only take one argument at a time.
Marginally leaner for single calls due to it's simplicity.
Slower when compared with giving rm(1) multiple arguments.

You could demonstrate the difference with:

$ touch $(seq 1 100)
$ unlink $(seq 1 100)
unlink: extra operand `2'

$ touch $(seq 1 100)
$ time rm $(seq 1 100)

real    0m0.048s
user    0m0.004s
sys     0m0.008s

$ touch $(seq 1 100)
$ time for i in $(seq 1 100); do rm $i; done

real    0m0.207s
user    0m0.044s
sys     0m0.112s

$ touch $(seq 1 100)
$ time for i in $(seq 1 100); do unlink $i; done

real    0m0.167s
user    0m0.048s
sys     0m0.120s

If however we're talking about an unadulterated call to the system unlink(2) function, which I now realise is probably not what you're accounting for.

You can perform a system unlink() on directories and files alike. But if the directory is a parent to other directories and files, then the link to that parent would be removed, but the children would be left dangling. Which is less than ideal.

Edit:

Sorry, clarified the difference between unlink(1) and unlink(2). Semantics are still going to differ between platform.

The difference between Unix sockets and TCP/IP sockets

A UNIX socket, AKA Unix Domain Socket, is an inter-process communication mechanism that allows bidirectional data exchange between processes running on the same machine.

IP sockets (especially TCP/IP sockets) are a mechanism allowing communication between processes over the network. In some cases, you can use TCP/IP sockets to talk with processes running on the same computer (by using the loopback interface).

UNIX domain sockets know that they’re executing on the same system, so they can avoid some checks and operations (like routing); which makes them faster and lighter than IP sockets. So if you plan to communicate with processes on the same host, this is a better option than IP sockets.

Edit: As per Nils Toedtmann's comment: UNIX domain sockets are subject to file system permissions, while TCP sockets can be controlled only on the packet filter level.

Best Answer

Related Solutions

Difference Between ‘unlink’ and ‘rm’ in Linux

The difference between Unix sockets and TCP/IP sockets

Related Topic