Discovery Options Discovery Options Overview Before port scanning a target, Nmap will attempt to send ICMP echo requests to see if the host is “alive.” This can save time when scanning multiple hosts as Nmap will not waste time attempting to probe hosts that are not online. Because ICMP requests are often blocked by firewalls, Nmap will also attempt to connect to port 80 and 443 since these common web server ports are often open (even if ICMP is not). The default discovery options aren’t useful when scanning secured systems and can hinder scanning progress. The following section describes alternative methods for host discovery which allows you to perform more comprehensive discovery when looking for available targets.