This option performs an exhaustive TCP port scan by using various TCP packets to determine the status of a port. When scanning for services offered by a given machine or target, opening the port logs a message in the server’s logs. Stealth scanning sends a sequence of rudimentary packets to the target port, and based on the response, determines what ports are available without making a connection. This exploit goes undetected by the host. Stealth scanning does not necessarily detect vulnerabilities, but will determine the services available and can give some give insight into the TCP/IP stack implementation. Some filter-based firewalls may allow TCP port scanning even though they block connections to these ports.
Note: The stealth scan may require up to two minutes per host. This option works only on SunOS, Solaris, Linux, and Windows NT.
Linux Inetd: When enabled, prevents the stealth from causing Linux’s inetd process to fail. Inetd failure will result in loss of most network services.