Page 6 - CPTE_Prep_Guide_Sample
associated with well-known port numbers. For example, port 80 is HTTP, port 23 is Telnet, and port 25 is SMTP.
Legalities
In the USA, no federal law prohibits scanning; however, without permission, civil lawsuits can occur and a complaint to the ISP may get you banned. In Europe, Finland deemed a port scan an attempt to break in and convicted a 17-year-old. In some countries, it may be illegal depending on the interpretation of the law. Other parts of the world are similar: it depends mostly on intent, but no law specifically outlaws port scanning.
Port Scan Tips – get permission before you scan and keep the scan tight: only scan what you are 100% sure about. Understand open, closed, and filtered. Understand the TCP flags. You should understand the three-way handshake. Disable ping: find other methods of verifying that systems are up. Remember CSP+/Security+: know the packets and understand the TCP/IP model.
Port Scans Should Reveal – whether a system is active and responsive, which ports are open or filtered, what services are running, and what information can be gleaned.