Re: scanning for a specific service with nmap

[Atrysk <info () atrysk com>]

yet another idea might be via egrep...

        nmap -sSV -P0 -p 80 192.168.1.0/24 | egrep -i '(open)'

however, including multiple keywords to parse on....

	nmap -sSV -P0 -p 80 192.168.1.0/24 | egrep -i '(keywork1|^keyword2| 
open|tcp open)'

whatever you might be looking to flag on....

D











On Jul 30, 2008, at 10:47 AM, Marcin Wielgoszewski wrote:

nmap -sSV -PN -p T:1433 192.168.10.0/24 -oG - | grep 1433/open/tcp//ms- 
sql-s

-Marcin
tssci-security.com

On 7/30/08, Jorge L. Vazquez <jlvazquez825 () gmail com> wrote:
> guys I how could I use nmap to scan the network for a specific
> server/service without having every single host alive coming back in  
> the
> scan but only that machine in which the service is running... for  
> example,
> let's say I want to scan the network to find only MSSQL server which  
> by
> default uses port 1433, in that case I would use nmap with something  
> like
> this...
>
> nmap -sSV -P0 -p T:1433 192.168.10.0/24
>
>
> this scan eventually will detect the machine that is running the SQL  
> server,
> the only problem is that it returns every single host alive, only  
> that port
> status is close as it should be expected, but I wonder if it is  
> possible to
> only have returned the host running SQL service.
>
>
> Thanks in advance
>
> Jorge L. Vazquez.
> www.pctechtips.org

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Top 5 Common Mistakes in
Securing Web Applications
Get 45 Min Video and PPT Slides

www.cenzic.com/landing/securityfocus/hackinar
------------------------------------------------------------------------