Home page logo

pen-test logo Penetration Testing mailing list archives

Re: scanning for a specific service with nmap
From: "Jorge L. Vazquez" <jlvazquez825 () gmail com>
Date: Wed, 30 Jul 2008 15:26:04 -0400

Thanks for all the responses... I decided to stick with this one as it seem to do what I wanted, although all the reply are based on the same principle of piping the output to grep

nmap -sSV -p T:1433 192.168.10.* -oG - | grep open/tcp



Marcin Wielgoszewski wrote:
nmap -sSV -PN -p T:1433 -oG - | grep 1433/open/tcp//ms-sql-s


On 7/30/08, Jorge L. Vazquez <jlvazquez825 () gmail com> wrote:
guys I how could I use nmap to scan the network for a specific
server/service without having every single host alive coming back in the
scan but only that machine in which the service is running... for example,
let's say I want to scan the network to find only MSSQL server which by
default uses port 1433, in that case I would use nmap with something like

nmap -sSV -P0 -p T:1433

this scan eventually will detect the machine that is running the SQL server,
the only problem is that it returns every single host alive, only that port
status is close as it should be expected, but I wonder if it is possible to
only have returned the host running SQL service.

Thanks in advance

Jorge L. Vazquez.

This list is sponsored by: Cenzic

Top 5 Common Mistakes in Securing Web Applications
Get 45 Min Video and PPT Slides


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]