|
Nmap Development
mailing list archives
Re: UDP scanning
From: Hari Sekhon <hpsekhon () googlemail com>
Date: Thu, 11 Jan 2007 20:06:44 +0000
"nmap -sU -sV -p U:137,138 hostname" yields
Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2007-01-11 20:02 GMT
Interesting ports on host.mydomain.com (ip.add.r.e.ss):
PORT STATE SERVICE VERSION
137/udp open netbios-ns Microsoft Windows netbios-ssn
(workgroup: MYDOMAIN)
138/udp open|filtered netbios-dgm
MAC Address: 00:13:72:2E:1C:B1 (Dell)
Service Info: OS: Windows
Nmap finished: 1 IP address (1 host up) scanned in 51.395 seconds
So I guess it works ok. I can't tell on the 138 port whether it really
is open or filtered, there must have been no response on that port.
Thanks
-h
Hari Sekhon
Hans Nilsson wrote:
Well since, like you mention, UDP ports don't typically respond to
packets it's probably difficult. All I can think of is also trying a
version scan and seeing if you can provoke a response from the port in
question.
On Thu, 11 Jan 2007 17:51:24 +0000, "Hari Sekhon"
<hpsekhon () googlemail com> said:
I'm trying to scan for the accessibility of the udp ports 137 and 138
but am not sure about this. Given that udp is connectionless and doesn't
have to respond, is it even possible that I can use nmap to see if those
two ports are accessible. I know the host is up, host discovery by icmp
bounce is not what I am interested in here, just verification of whether
the udp ports are accessible through the firewall.
Thanks for any feedback.
--
Hari Sekhon
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
 By Date 
By Thread
Current thread:
|
Intro
