ACK (Acknowledgment) scanning is a network scanning technique used to map out firewall rules and, in particular, to tell whether a firewall is stateful. It is one of several scan types offered by Nmap, an open-source network scanner that also provides OS detection, version detection, and script scanning.
In TCP (Transmission Control Protocol), every segment carries a set of control flags, one of which is ACK. A normal TCP connection begins with a three-way handshake (SYN, SYN-ACK, ACK) in which both parties agree to open the connection. An ACK scan exploits how hosts handle an ACK that belongs to no such handshake: the scanner sends a bare ACK segment to a port, and under the TCP specification the target should answer with an RST whether the port is open or closed. The scanner then classifies the port as filtered or unfiltered depending on whether that RST ever arrives.
If an RST (reset) packet comes back, the probe reached the host, so the port is reported as unfiltered. If there is no response at all, or an ICMP destination-unreachable error (type 3) is returned instead, the port is reported as filtered. A stateless packet filter typically lets the unsolicited ACK through (unfiltered), while a stateful firewall drops it because it belongs to no tracked connection (filtered); this difference is what makes the scan useful for firewall mapping. Note that an ACK scan never determines whether a port is open or closed, only whether it is filtered or unfiltered; combine it with a SYN scan (`-sS`) if you also need port state.
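The decision rule described in the two paragraphs above, written out as an added example (this is illustrative code, not Nmap's own implementation). It parses raw IPv4 responses and applies Nmap's documented verdicts for an ACK probe: an RST means unfiltered, a timeout or an ICMP type 3 error with code 0, 1, 2, 3, 9, 10 or 13 means filtered, and any other packet yields no verdict. The sample packets, the target addresses and the port list are constructed here for the demonstration, not captured from a real scan.

```python
import struct
from typing import Dict, Optional

# ICMP destination-unreachable (type 3) codes that the Nmap documentation lists
# as a "filtered" verdict for an ACK probe: network, host, protocol and port
# unreachable, plus the administratively prohibited codes 9, 10 and 13.
FILTERED_ICMP_CODES = {0, 1, 2, 3, 9, 10, 13}

IPPROTO_ICMP = 1
IPPROTO_TCP = 6
TCP_RST = 0x04   # RST bit in the TCP flags byte


def ipv4_payload(packet: bytes):
    """Return (protocol, payload) for a raw IPv4 packet, honouring the IHL field
    so that headers carrying options are split correctly."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (packet[0] & 0x0F) * 4
    return packet[9], packet[ihl:]


def classify_ack_response(response: Optional[bytes]) -> str:
    """Apply the ACK-scan decision rule to the response for one probe.

    None (probe timed out)                           -> "filtered"
    TCP segment with RST set                         -> "unfiltered"
    ICMP type 3 with a code in FILTERED_ICMP_CODES   -> "filtered"
    Any other packet gives no verdict; a scanner keeps waiting and reports
    "filtered" once the probe times out.
    """
    if response is None:
        return "filtered"
    proto, payload = ipv4_payload(response)
    if proto == IPPROTO_TCP and len(payload) >= 14:
        if payload[13] & TCP_RST:        # flags live in byte 13 of the TCP header
            return "unfiltered"
    elif proto == IPPROTO_ICMP and len(payload) >= 2:
        icmp_type, icmp_code = payload[0], payload[1]
        if icmp_type == 3 and icmp_code in FILTERED_ICMP_CODES:
            return "filtered"
    return "no_verdict"


# --- helpers that build constructed sample packets (not real captures) -------

def ipv4_header(proto: int, payload_len: int) -> bytes:
    """Minimal 20-byte IPv4 header. Checksum and addresses are placeholders;
    the classifier only reads the version/IHL and protocol fields."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0, 0, 64,
                       proto, 0, bytes([192, 168, 1, 1]), bytes([192, 168, 1, 100]))


def tcp_segment(sport: int, dport: int, flags: int) -> bytes:
    """20-byte TCP header with data offset 5 and the given flags (checksum 0)."""
    return struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, flags, 0, 0, 0)


def icmp_unreachable(code: int) -> bytes:
    """8-byte ICMP destination-unreachable header (type 3) with the given code."""
    return struct.pack("!BBHI", 3, code, 0, 0)


# Constructed responses for a pretend target, keyed by probed port.
SAMPLE_RESPONSES: Dict[int, Optional[bytes]] = {
    22:   ipv4_header(IPPROTO_TCP, 20) + tcp_segment(22, 40000, TCP_RST),   # RST: reachable, open or closed
    80:   ipv4_header(IPPROTO_TCP, 20) + tcp_segment(80, 40001, TCP_RST),
    443:  None,                                                             # silently dropped
    3389: ipv4_header(IPPROTO_ICMP, 8) + icmp_unreachable(13),              # admin prohibited
    8080: ipv4_header(IPPROTO_ICMP, 8) + icmp_unreachable(4),               # frag needed: not a verdict
}


def simulate_ack_scan(responses: Dict[int, Optional[bytes]]) -> Dict[int, str]:
    """Classify every probed port the way Nmap's -sA output would label it."""
    return {port: classify_ack_response(pkt) for port, pkt in sorted(responses.items())}


if __name__ == "__main__":
    for port, state in simulate_ack_scan(SAMPLE_RESPONSES).items():
        print(f"{port}/tcp  {state}")
```

Ports 22 and 80 both come back "unfiltered" even though nothing says which of them is actually listening, which is the limitation the text describes; 443 and 3389 are "filtered" for two different reasons (a silent drop versus an explicit administrative rejection), and the fragmentation-needed error on 8080 is deliberately left without a verdict because it says nothing about filtering.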
To run an ACK scan with Nmap, execute the following directly from a console or terminal: `nmap -sA target` (where "target" is the IP address or hostname of the system you wish to scan). For instance, to ACK-scan a host at 192.168.1.1, the command is: `nmap -sA 192.168.1.1`. Because `-sA` crafts raw packets rather than using the operating system's TCP stack, it requires root or administrator privileges.
It is important to note that this kind of scanning should only be performed by network administrators or security professionals with the appropriate authorization: it is readily detected as probing activity and, without permission, may be illegal in some jurisdictions.
The description and examples above draw on Nmap's official documentation on port scanning techniques (https://nmap.org/book/man-port-scanning-techniques.html), the SANS Institute Information Security Reading Room paper "NMAP: A Novel Approach to Network Security" by Sumedh Thakar (https://www.sans.org/reading-room/whitepapers/testing/nmap-novel-approach-network-security-868), and StationX's explanation of the TCP three-way handshake (https://www.stationx.net/tcp-three-way-handshake/).