Re: Nmap udp scan

[Jon Hart <jhart () spoofed org>]

On Wed, Apr 25, 2007 at 09:34:55PM -0400, Carlos Madrid wrote:
> I think you mean:
>
> nmap -sU -p 161 bob.ford.com

The documentation is pretty clear in this respect -- "-p" allows you to
specify the range of ports you want to scan with the option of
specifying different ports for UDP and TCP scans.  The original poster
did not specify a scan type, so it defaulted to TCP.  Specifying a list
of UDP ports to scan while doing a TCP scan doesn't make much sense,
hence the error:

   "When scanning both TCP and UDP ports, you can specify a particular
   protocol by preceding the port numbers by T: or U:. The qualifier
   lasts until you specify another qualifier. For example, the argument
   -p U:53,111,137,T:21-25,80,139,8080 would scan UDP ports 53,111,and
   137, as well as the listed TCP ports. Note that to scan both UDP
   & TCP, you have to specify -sU and at least one TCP scan type (such
   as -sS, -sF, or -sT). If no protocol qualifier is given, the port
   numbers are added to all protocol lists."

This option is very useful if you want to do a single scan, for example:
   
   nmap -sU -sT -p U:1-1024,T:1-65535

-jon