Security Basics mailing list archives
Re: nmap -p syntax question
From: ToddAndMargo <ToddAndMargo () zoho com>
Date: Thu, 19 Sep 2013 20:06:47 -0700
On 09/18/2013 01:37 AM, Anshuman Mukherjee wrote:
From the Nmap Man Page: The S you asked for must be SCTP ( http://en.wikipedia.org/wiki/Stream_Control_Transmission_Protocol ) PORT SPECIFICATION AND SCAN ORDER In addition to all of the scan methods discussed previously, Nmap offers options for specifying which ports are scanned and whether the scan order is randomized or sequential. By default, Nmap scans the most common 1,000 ports for each protocol. -p port ranges (Only scan specified ports) . This option specifies which ports you want to scan and overrides the default. Individual port numbers are OK, as are ranges separated by a hyphen (e.g. 1-1023). The beginning and/or end values of a range may be omitted, causing Nmap to use 1 and 65535, respectively. So you can specify -p- to scan ports from 1 through 65535. Scanning port zero. is allowed if you specify it explicitly. For IP protocol scanning (-sO), this option specifies the protocol numbers you wish to scan for (0–255). When scanning both TCP and UDP ports, you can specify a particular protocol by preceding the port numbers by T: or U:. The qualifier lasts until you specify another qualifier. For example, the argument -p U:53,111,137,T:21-25,80,139,8080 would scan UDP ports 53, 111,and 137, as well as the listed TCP ports. Note that to scan both UDP and TCP, you have to specify -sU and at least one TCP scan type (such as -sS, -sF, or -sT). If no protocol qualifier is given, the port numbers are added to all protocol lists. Ports can also be specified by name according to what the port is referred to in the nmap-services. You can even use the wildcards * and ? with the names. For example, to scan FTP and all ports whose names begin with “http”, use -p ftp,http*. Be careful about shell expansions and quote the argument to -p if unsure. with regards Anshuman Mukherjee On Tue, Sep 17, 2013 at 6:25 AM, ToddAndMargo <ToddAndMargo () zoho com <mailto:ToddAndMargo () zoho com>> wrote: Hi All, On the nmap command line, some questions about the "-p" parameter: 1) what is the "-p S:xxx". What protocol is "S"? By change is it ICMP? 2) when you omitt the "T:" and/or the "U:" does it check both TCP and UDP. What about the mysterious "S" protocol? Does it check that too? 3) is -p 137,138,139,445 the same as -p U:137,138,139,445,T:137,138,__139,445 ? Many thanks, -T
Thank you! -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Computers are like air conditioners. They malfunction when you open windows ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- nmap -p syntax question ToddAndMargo (Sep 16)
- Message not available
- Re: nmap -p syntax question ToddAndMargo (Sep 19)
- Message not available
- Re: nmap -p syntax question Ansgar Wiechers (Sep 23)
- Re: nmap -p syntax question ToddAndMargo (Sep 24)