Different scans do different things. The
man page for nmap explains a lot of them. I'll explain the most common type: Syn scanning.
First thing, ports occur within TCP or UDP. These are transport protocols that live at the transport layer (layer 4) of the
OSI Model . IP is layer 3, ethernet is 2, etc.
Syn scanning uses the properties of TCP to dectect if a given port is open, closed, or filtered. TCP is a reliable protocol that establishes connections before any data is transmitted. TCP uses what's called a "3-Way handshake" to establish connections. The computer that wants to establish the session sends a SYN (Syncronize) packet to the computer it wants to talk to. If the ort is "open" on the recipient (accepting connections) it responds with a SYNACK (syncronize acknowledge). Finally the original computer send a ACK and the connection has been established and data may now flow.
So, when you SYn scan, you send a SYN packet to every port specified and see which ones are willing to establish a connection, hence are "open"
Infinite