Nmap Announce mailing list archives
Port statistics
From: "Teolicy" <teolicy () mindless com>
Date: Sat, 20 May 2000 03:33:35 +0200
Hello folks,

I've been wondering if anyone gathered any serious scale statistics for port usage. Does anyone know which port is "the most open port" over various platforms? Would such research be useful for anyone? Would it be useful to separately scan various OSs and architectures, then scan a network and be able to say (with statistical accuracy) that "this net probably has 57% Windows NT boxes and 23% Solaris, 18% Linux and 2% other"? (uhm, I mean, would it be useful and realistic, that is :)

This 'scan' should (ATMPOV) use vanilla TCP connect, because this is a kind of "fingerprinting" that might have to be done across OS-detection-breaking devices (filters and firewalls of sorts).

I know it sounds very far fetched, but in my experience, a network has a small number of "favored" servers that the admins deal with and harden, and then "the rest of the gang", which are usually vanilla or almost vanilla stations out-of-the-box. It would sometimes (well, OK, in my case) be useful to know what mix of hosts there is on the network, possibly being able to better understand its structure and vulnerabilities from a limited point of view (behind filtering).

Such statistical analysis can be done by simply scanning many vanilla OSs out-of-the-box and then placing the information in a small file to examine while scanning, but it could also (and it would be better) be gathered via a wide-scale scan (ALA BASS).

- Teolicy
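The estimate the message asks about, as an added example that is not part of the original post: given per-OS open-port frequencies and the open ports seen on each host of an inventory scan, expectation-maximisation recovers the likely OS mix. The port profiles and host observations below are constructed for illustration, not measured, and ports are assumed independent given the OS.

```python
from math import prod

# Constructed profiles: P(port open) on an out-of-the-box install.
# Illustrative numbers only; real values would come from measured baselines.
PORTS = (21, 23, 80, 111, 135, 139)
PROFILES = {
    "Windows NT": (0.05, 0.02, 0.30, 0.01, 0.95, 0.95),
    "Solaris":    (0.90, 0.90, 0.20, 0.95, 0.01, 0.02),
    "Linux":      (0.60, 0.60, 0.50, 0.70, 0.01, 0.10),
}

# Constructed observations: the set of open ports found on each of 10 hosts.
SAMPLE_HOSTS = ([{135, 139}] * 6) + ([{21, 23, 111}] * 2) + ([{80, 111}] * 2)


def likelihood(profile, open_ports):
    """P(observed open/closed pattern | OS), treating ports as independent."""
    return prod(p if port in open_ports else 1.0 - p
                for port, p in zip(PORTS, profile))


def estimate_mix(hosts, iterations=200):
    """Estimate the OS mixing weights by EM; the profiles stay fixed."""
    names = list(PROFILES)
    weights = {n: 1.0 / len(names) for n in names}
    # The per-host likelihoods do not change between iterations.
    like = [{n: likelihood(PROFILES[n], h) for n in names} for h in hosts]
    for _ in range(iterations):
        totals = dict.fromkeys(names, 0.0)
        for row in like:
            # E-step: posterior probability of each OS for this host.
            norm = sum(weights[n] * row[n] for n in names)
            for n in names:
                totals[n] += weights[n] * row[n] / norm
        # M-step: new weight = average posterior over all hosts.
        weights = {n: totals[n] / len(hosts) for n in names}
    return weights


if __name__ == "__main__":
    for name, share in estimate_mix(SAMPLE_HOSTS).items():
        print(f"{name:<11} {share:6.1%}")
```

The six hosts with only 135 and 139 open are attributed almost entirely to Windows NT, while the remaining four are split between Solaris and Linux in proportion to how well each profile explains them, which is where overlapping profiles limit the accuracy of such an estimate.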