This is a multi-part blog post about port scanning. In this post we're going to cover port scan theory. In the next post in this series we'll look at the practical parts of port scanning. It might seem a little dry in places, but stick with it as it's knowledge you're almost certainly going to be tested on in any professional exam. If it's not in your exam, you're in the wrong class.
Earlier we looked at the theory behind different types of port scans. Here we'll put the theory into practice and see what we find on a lab network. In this example I have a copy of metasploitable 2 running on IP address 10.0.2.4. If you have a copy of virtualbox, it's worth playing along with this post.