Home page logo

nmap-dev logo Nmap Development mailing list archives

Version scanning reports it scans UDP ports while is doesn't
From: Richard van den Berg <richard.vandenberg () ins com>
Date: Thu, 19 Jan 2006 17:52:06 +0000

I am playing with the version scanning options of nmap 3.95, and found
something strange. When running

nmap -A -T4 -vv -oA outfile scanme.nmap.org

outfile.gnmap mentions it scans 1670 TCP ports, and 0 UDP and 0
PROTOCOLS. Just as I expected. However, if I use

nmap -A -T4 -p- -vv -oA outfile scanme.nmap.org

outfile.gnmap suddenly mentions it scans 65535 TCP, 65535 UDP and 255
PROTOCOLS. Eek. According to tcpdump however, the only UDP port that is
scanned is 25. A bit odd since I did not ask for it, and 25 TCP is
reported as closed anyway. Adding -sS does not alter this behaviour at
all, while using -p T:1-65535 does mention it will not scan any UDP
ports, port 25 is still probed.

Is this expected behavior of this -A flag?


Richard van den Berg

Sent through the nmap-dev mailing list

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]