Am Donnerstag, 11. Januar 2007 18:51 schrieb Hari Sekhon:
> I'm trying to scan for the accessibility of the udp ports 137 and 138
> but am not sure about this. Given that udp is connectionless and doesn't
> have to respond, is it even possible that I can use nmap to see if those
> two ports are accessible. I know the host is up, host discovery by icmp
> bounce is not what I am interested in here, just verification of whether
> the udp ports are accessible through the firewall.
The simple answer is:
1/ An UDP probe to unfiltered, active UDP port results in no reponse in
terms of "the connection". Thus, "no response" might be an indicator for an
open port (but please read on). Several (not all) UDP services send you some
answer packets back on the application level. You should be able to identify
your mentioned ports with -sUV in this way.
2/ When your probe (or the resulting answer, for that matter) is filtered or
otherwise dropped by a firewall somewhere between you and your target, you
also receive no answer. That is somewhat unsatisfactory from a scanner's
point of view, but that's reality. That's why there may be the port
status "open|filtered" in your output.
3/ When the target port is accessible, not filtered, but not active, the
destination system should answer with an "ICMP port not reachable" packet.
nmap marks the port as "closed".
The exact answer is that everything is much more complex in many situations
and it's difficult to give you a generic answer. I hope that helps you to
your next steps.
Regards,
///Nils
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
Received on Jan 12 2007
Intro
