SYN Scanning

The syntax to trigger a SYN Scan is:

nmap -sS <IP address>

If no scan type is selected, nmap will default to a SYN Scan. Alternatively, it can be explicitly triggered with the -sS flag. A SYN Scan does not complete the full TCP three-way handshake when port scanning; instead, nmap sends a SYN packet and inspects the response. If a SYN-ACK packet is returned, the port is open. If a RST packet is returned, the port is closed. Because this departs from the standard use of the TCP protocol, only a privileged user can trigger a SYN Scan, as nmap needs the ability to craft and read raw packets.

Because a SYN Scan never completes a TCP connection, it is sometimes referred to as a half-open scan (the handshake is never completed) or a stealth scan (since the connection is never established, no connection logs are created on the target).
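From the defender's side, the same SYN / SYN-ACK / RST exchange described above is what a half-open scan looks like on the wire. The following added example (not part of the course material) classifies each probe from a constructed list of TCP flag events and flags clients that touch several ports on a host without ever completing a handshake; the event tuple layout and the `min_ports` threshold are assumptions for the demo.

```python
# Classify TCP handshakes from packet events (constructed input, not from the course):
# each event is (src_ip, dst_ip, src_port, dst_port, flags) with flags spelled as
# tcpdump does: S=SYN, A=ACK, R=RST, so "SA" is a SYN-ACK reply.
from collections import defaultdict

def summarise_handshakes(events):
    """Map (client, server, server_port) -> 'no_reply' | 'half_open' | 'closed' | 'completed'."""
    state = {}
    for src, dst, sport, dport, flags in events:
        if flags == "S":                      # client sends SYN: start tracking this probe
            state[(src, dst, dport)] = "no_reply"
            continue
        reply_key = (dst, src, sport)         # packet is the server answering the client
        client_key = (src, dst, dport)        # packet is a client follow-up
        if reply_key in state:
            if "S" in flags and "A" in flags:
                state[reply_key] = "half_open"   # SYN-ACK: port open, handshake not finished
            elif "R" in flags:
                state[reply_key] = "closed"      # RST: port closed
        elif client_key in state and flags == "A" and state[client_key] == "half_open":
            state[client_key] = "completed"      # client ACKs the SYN-ACK: real connection
        # a client RST after the SYN-ACK (nmap's tear-down) leaves the probe half_open
    return state

def find_syn_scanners(events, min_ports=3):
    """Clients that touched >= min_ports ports on one host and completed no handshake."""
    ports, completed = defaultdict(set), set()
    for (client, server, port), outcome in summarise_handshakes(events).items():
        ports[(client, server)].add(port)
        if outcome == "completed":
            completed.add((client, server))
    return sorted(k for k, p in ports.items() if len(p) >= min_ports and k not in completed)

SAMPLE_EVENTS = [  # constructed: 198.51.100.7 half-open scans four ports; 203.0.113.5 is a normal client
    ("198.51.100.7", "192.0.2.10", 40001, 22, "S"),
    ("192.0.2.10", "198.51.100.7", 22, 40001, "SA"),     # 22 open
    ("198.51.100.7", "192.0.2.10", 40001, 22, "R"),      # scanner tears down, never ACKs
    ("198.51.100.7", "192.0.2.10", 40002, 80, "S"),
    ("192.0.2.10", "198.51.100.7", 80, 40002, "SA"),     # 80 open
    ("198.51.100.7", "192.0.2.10", 40002, 80, "R"),
    ("198.51.100.7", "192.0.2.10", 40003, 443, "S"),
    ("192.0.2.10", "198.51.100.7", 443, 40003, "RA"),    # 443 closed
    ("198.51.100.7", "192.0.2.10", 40004, 3306, "S"),    # 3306: no reply at all
    ("203.0.113.5", "192.0.2.10", 51000, 80, "S"),
    ("192.0.2.10", "203.0.113.5", 80, 51000, "SA"),
    ("203.0.113.5", "192.0.2.10", 51000, 80, "A"),       # legitimate client completes handshake
]

if __name__ == "__main__":
    for key, outcome in summarise_handshakes(SAMPLE_EVENTS).items():
        print(key, outcome)
    print("suspected SYN scanners:", find_syn_scanners(SAMPLE_EVENTS))
```

The scanner's probes show up as half_open, closed or no_reply with no completed entry, while the ordinary client's single port ends in completed and is not reported.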