Port scanning probes a target for open ports — revealing running services that could be attacked. Open = service running. Closed = port accessible, no service. Filtered = firewall blocking.
SYN scan (-sS) is stealthy (doesn't complete handshake). Full connect scan (-sT) is noisy but works without raw socket access. UDP scanning is slow. Always get authorization — port scanning unauthorized systems is illegal in many jurisdictions.