Introduction

What?

Determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use …

Why?

To find potential initial vulnerable attack vectors.

How?