Nmap commands to check Reconnaissance Scan feature in Deep Security

- Updated:
- 24 Nov 2016
- Product/Version:
- Deep Security 9.6
- Platform:
- CentOS 5.4 32-bit
- CentOS 5.4 64-bit
- CentOS 5.5 32-bit
- CentOS 5.5 64-bit
- CentOS 5.6 32-bit
- CentOS 5.6 64-bit
- CentOS 5.7 32-bit
- CentOS 5.7 64-bit
- CentOS 5.8 32-bit
- CentOS 5.8 64-bit
- CentOS 6 32-bit
- CentOS 6 64-bit
- CentOS 6.1 32-bit
- CentOS 6.1 64-bit
- CentOS 6.2 32-bit
- CentOS 6.2 64-bit
- Linux - Red Hat RHEL 4 32-bit
- Linux - Red Hat RHEL 4 64-bit
- Linux - Red Hat RHEL 5 32-bit
- Linux - Red Hat RHEL 5 64-bit
- Linux - Red Hat RHEL 6 32-bit
- Linux - Red Hat RHEL 6 64-bit
- Linux - SuSE 10
- Linux - SuSE 10 64-bit
- Linux - SuSE 11
- Linux - SuSE 11 64-bit
- Oracle Linux 5 32-bit
- Oracle Linux 5 64-bit
- Oracle Linux 6 32-bit
- Oracle Linux 6 64-bit
- Oracle Solaris 11 SPARC
- Oracle Solaris 11 x86
- Ubuntu 10.04 64-bit
- Ubuntu 12.04 64-bit
- Unix - Solaris (Sun) version 10 (SunOS 5.10)
- Unix - Solaris (Sun) version 9 (SunOS 5.9)
- Windows 2003 Enterprise
- Windows 2003 Enterprise 64-bit
- Windows 2003 Server R2
- Windows 2003 Small Business Server
- Windows 2003 Small Business Server R2
- Windows 2003 Standard
- Windows 2003 Standard 64-bit
- Windows 2008 Datacenter 64-bit
- Windows 2008 Enterprise
- Windows 2008 Enterprise 64-bit
- Windows 2008 Essential Business Server
- Windows 2008 Server Core
- Windows 2008 Server Foundation
- Windows 2008 Server R2
- Windows 2008 Server R2 Datacenter
- Windows 2008 Server R2 Enterprise
- Windows 2008 Server R2 with Hyper-V(TM)
- Windows 2008 Small Business Server
- Windows 2008 Standard
- Windows 2008 Standard 64-bit
- Windows 2012 Datacenter R2
- Windows 2012 Enterprise
- Windows 2012 Server Essential R2
- Windows 2012 Server Foundation R2
- Windows 2012 Standard R2
- Windows 7 32-bit
- Windows 7 64-bit
- Windows 8 32-bit
- Windows 8 64-bit
- Windows 8.1 32-bit
- Windows 8.1 64-bit
- Windows Vista 32-bit
- Windows Vista 64-bit
- Windows XP Professional
- Windows XP Professional 64-bit
- Windows XP SP2 32-bit
- Windows XP SP3 32-bit

Summary

The Deep Security Reconnaissance Scan feature allows the detection of network port scanning to the remote host. It can detect possible attack in your system.

To simulate different types of Reconnaissance Scan and check how Deep Security can detect it, you can use freeware cross-platform tool such as Nmap (Network Mapper).

Details

You can refer to the Nmap website for the installation binaries for different platforms.

Below are the Nmap commands that can be used to simulate the Reconnaissance Scan.

Type	Description	Nmap command
Computer OS Fingerprint Probe	The Agents/Appliances will recognize and react to active TCP stack OS fingerprinting attempts	Nmap -v -O target_IP
Network or Port Scan	The Agents/Appliances will recognize and react to port scans.	Nmap -v -sS target_IP
TCP Null Scan	The Agents/Appliances will refuse packets with no flags set.	Nmap -v -sN target_IP
TCP SYNFIN Scan	The Agents/Appliances will refuse packets with only the SYN and FIN flags set.	Nmap -v —scanflags SYNFIN target_IP
TCP Xmas Scan	The Agents/Appliances will refuse packets with only the FIN, URG, and PSH flags set or a value of 0xFF (every possible flag set).	Nmap -v -sX target_IP

For more information about the Reconnaissance Scan feature, refer to the Deep Security 9.0 Administrator Guide.

Rating:

Category:

Configure; Troubleshoot

Solution Id:

1104677

Feedback

Did this article help you?

Thank you for your feedback!

What was the problem with this article?

The image(s) in the article did not display properly.

The article did not provide detailed procedure.

The article is hard to understand and follow.

The video did not play properly.

The article did not resolve my issue.

Others. Please specify.

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:

We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support

Thanks for voting.

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:

We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.