Nmap

The network mapper, or nmap, is used to scan Ports on a given host. It is assumed you have nmap in your $PATH in our examples. If you don't find an option in your version of nmap, you might want to upgrade to the latest version. We were using nmap 4.20 while writing this page.

You may wish to spoof your MAC address. You can specify 0 for random, or the name of a vendor such as "Cisco", or the actual MAC address you want to impersonate: $ nmap --spoof-mac Cisco

If you want nmap to try to determine the remote operating system:

$ nmap -O $host

To do a Christmas Tree scan you'd type
 * 1) nmap -sX $host

Official nmap website

self port scan