Home page logo
/

nmap-dev logo Nmap Development mailing list archives

UDP port scans
From: "David G. Cheney" <dgc () rocketfiber com>
Date: Tue, 27 Apr 2004 23:48:47 -0700

I've noticed that:
1) ICMP Port Unreachable Scanning seems to still be state of the art for UDP port scans. 2) nmap uses this method, along with some rate limiting to get around the now common icmp rate limiting of many network stacks. 3) UDP scanning of my linux system (2.6.x) with nmap -sU -F produces a couple thousand open ports (and about 4 closed ones).

no, there is only one udp port open on my machine, and I've tried tweaking the icmp rate limiting parameters around to no effect.

So I guess my question is: has anyone got a better idea as to how to do a UDP port scan? I'm actually considering that service scanning might do it, though it requires that whatever is running conforms to some (published or not) standard behavior.

Perhaps there is a survey somewhere of UDP services and the minimum input that they will respond to?

--dgc

---------------------------------------------------------------------
For help using this (nmap-dev) mailing list, send a blank email to nmap-dev-help () insecure org . List archive: http://seclists.org



  By Date           By Thread  

Current thread:
  • UDP port scans David G. Cheney (Apr 28)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]