Re: Port Scanning Issues



For starters, have you used Nmap? Also, the host that is being scanned, do you have a firewall on it, and if so is it set up to drop any ICMP packets?

If you use nmap with a no-ping scan and then look for TCP first, then UDP, you should get some results.

nmap -P0 -sT
-sU for UDP.
Sherwyn Williams
Technical Support
The Williams Solutions

-----Original Message-----
From: crumdub12@xxxxxxxxx

Date: 25 Jun 2007 21:59:58
To:pen-test@xxxxxxxxxxxxxxxxx
Subject: Port Scanning Issues


A Chairde,


Having some issues with scanning stacks on my system.


1. Using Superscan4, I scan stack UDP-TCP 1-65534. Sometimes I get no ports open, another time I get 49159 UDP ports open, only get port report, no attempt made to open any ports ... When I get open ports, I always get 49159 UDP ports ... I use the scanner at 250msecs, takes around 16 hours to finish.


2. Using Languard, Nessus and Retina, I get different scans from each tool. Any ideas why? How do I find out the real ports open? Differences can be 10,000 ports.


