- Knowledge Base
- System & Network Scanning
- Scan profiles
-
Security Announcements
-
Product News
-
Next-Gen Vulnerability Management
-
Getting Started
-
General
-
Operating Status
-
System & Network Scanning
-
Web Application Scanning
-
Cloud Scanning (CSPM)
-
API Scanning
-
Phishing & Awareness Training
-
Scanner Appliance
-
Device Agent
-
On-premise platform deployment
-
Asset Management
-
Vulnerability Manager
-
Reports
-
Digest Reports
-
Organizer
-
Continuous Monitoring
-
Integrations
-
Platform API
-
Remediation
-
Users
-
PCI DSS
-
Terms & Conditions
-
Dashboard
What is the difference between TCP SYN and TCP SYN + ACK in a scan profile?
TCP SYN
The TCP SYN Ping sends a connection-like request to a port, receiving a reset (RST) for closed ports or an SYN/ACK for open ones. The scanner marks the host as responsive, regardless of port status.
TCP SYN + ACK
TCP ACK method sends an acknowledgment (ACK) for non-existent data, triggering an RST response revealing the host's presence. If no response is received back, the scanner will also try the TCP SYN method.
Both of those methods allow the scanner to navigate different firewall setups, increasing the chances of successful host discovery in diverse network environments.
An example case of where you might want to change this option is when assets are created even for non-responding IPs because of the firewall configuration.