Stealth scanning with Scapy
One way to perform a TCP port scan is to perform a partial, TCP three-way handshake on target ports to identify whether the ports are accepting connections or not. This type of scan is referred to as a stealth scan, SYN scan, or half-open scan. This specific recipe will demonstrate how to use Scapy to perform a TCP stealth scan.
Getting ready
To use Scapy to perform a TCP stealth scan, you will need to have a remote system that is running accessible network services over TCP. In the examples provided, an instance of Metasploitable2 is used to perform this task. For more information on how to set up Metasploitable2, refer to Chapter 1, Getting Started. Additionally, this section will require a script to be written to the filesystem using a text editor, such as VIM or Nano. For more information on how to write scripts, refer to the Using text editors (VIM and Nano) recipe in Chapter 1, Getting Started.
How to do it…
To demonstrate how a SYN scan is performed, we craft...
