nmap -Pn -n -sS -T
-Pn don't do a ping scan.
-n no name resolution
-p what port
--script to enact a specific set of scripts. say like ftp*
-sV Version enumeration
-O OS detection
--scan-delay 1s
-T3 is the default entry (i think)
nmap -v -sS -Pn -n --disable-arp-ping --discovery-ignore-rst -sV -sC -p- -T5
- --disable-arp-ping
- --discovery-ignore-rst
- -Pn skips the host discovery process
- -n stops DNS resolution
- -PS a syn request to a port
- -PA an ACK request to a port
- -PU a UDP request to a pot
- -PE ICMP Echo request to a port
- (local network only) - ARP scan first
- ICMP echo request (ping)
- TCP scan of ports 80 & 443
- ICMP timestamp request
