"nmap -sU -sV -p U:137,138 hostname" yields
Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2007-01-11 20:02 GMT
Interesting ports on host.mydomain.com (ip.add.r.e.ss):
PORT STATE SERVICE VERSION
137/udp open netbios-ns Microsoft Windows netbios-ssn
(workgroup: MYDOMAIN)
138/udp open|filtered netbios-dgm
MAC Address: 00:13:72:2E:1C:B1 (Dell)
Service Info: OS: Windows
Nmap finished: 1 IP address (1 host up) scanned in 51.395 seconds
So I guess it works ok. I can't tell on the 138 port whether it really
is open or filtered, there must have been no response on that port.
Thanks
-h
Hari Sekhon
Hans Nilsson wrote:
> Well since, like you mention, UDP ports don't typically respond to
> packets it's probably difficult. All I can think of is also trying a
> version scan and seeing if you can provoke a response from the port in
> question.
>
>
> On Thu, 11 Jan 2007 17:51:24 +0000, "Hari Sekhon"
> <hpsekhon_at_googlemail.com> said:
>
>> I'm trying to scan for the accessibility of the udp ports 137 and 138
>> but am not sure about this. Given that udp is connectionless and doesn't
>> have to respond, is it even possible that I can use nmap to see if those
>> two ports are accessible. I know the host is up, host discovery by icmp
>> bounce is not what I am interested in here, just verification of whether
>> the udp ports are accessible through the firewall.
>>
>>
>> Thanks for any feedback.
>>
>> --
>> Hari Sekhon
>>
>>
>> _______________________________________________
>> Sent through the nmap-dev mailing list
>> http://cgi.insecure.org/mailman/listinfo/nmap-dev
>> Archived at http://SecLists.Org
>>
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
Received on Jan 11 2007
Intro
