Re: Port Scanning Issues



For staters haveyou used Nmap also the host that is being scanned do you have a firewall on it, and if so is it setup to drop any icmp packets?

If you use nmap with a no ping scann and then look for tcp fiirst then udp you should get some results.

Nmap -P0 -sT
-sU for udp.
Sherwyn Williams
Technical Support
The Williams Solutions

-----Original Message-----
From: crumdub12@xxxxxxxxx

Date: 25 Jun 2007 21:59:58
To:pen-test@xxxxxxxxxxxxxxxxx
Subject: Port Scanning Issues


A Chairde,


Havin, some issues with scanning stacks on my system.


1. Using Superscan4 , I scan stack UDP-TCP 1-65534 , Sometimes I

get no ports open , another time I get 49159 UDP Ports open, only get port report, no attempt made to open any ports ... , when get open ports , I always get 49159 UDP Ports ...... , use the scanner at 250msecs , takes around 16 hours to finish.


2. Using Languard, Nessus and Retina , get different scans from each tool, any ideas why, how do I find out real ports open.. differences can be 10,000 ports



------------------------------------------------------------------------
This List Sponsored by: Cenzic

Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!

http://www.cenzic.com/c/2020
------------------------------------------------------------------------



Relevant Pages

  • Re: Identifying Kernel 2.4.x based Linux machines using UDP
    ... > Linux Kernel 2.4.x has a bug with the UDP implementation which allows ... It also isn't specific to UDP -- you'll find ... Last year I added a feature to Nmap which automates this IPID ...
    (Bugtraq)
  • Re: nmap udp scan takes too long
    ... But unicornscan beats nmap as it comes to udp scanning. ... Open and filtered ports rarely send any kind ...
    (Security-Basics)
  • Re: how nmap can know my firewalled servers ?
    ... UDP or ICMP protocol), it will mark the port as closed. ... descrition, how NMAP determins, if the UDP port is open or closed. ... Try Webroot's Spy Sweeper Enterprisefor 30 days for FREE with no ...
    (Security-Basics)
  • Re: Disovering hosts using UDP services
    ... Often udp port scanning say with nmap -sU -pPort1,Port2,.. ... but will respond for good dns query. ... windows discovery ...
    (Pen-Test)
  • Re: nmap udp scan time
    ... The scan syntax used is as follows: ... Should a UDP scan take such a long time? ... Note that nmap adjusts the number of concurrent probes based on its performance. ... reasonably fast devices on a lightly-loaded local LAN. ...
    (Pen-Test)