Nmap Development mailing list archives
Nmap summarizing function results in not all ports being displayed
From: jayrhine () comcast net
Date: Tue, 12 Aug 2008 13:57:44 +0000
Folks, Myself and others have had the issue in the past that when performing scans with Nmap on systems that have many open udp ports, the port details will not be displayed. This does not usually affect tcp ports since they will typically be discovered as open (which is always reported). However, since UDP usually reports open ports as "open|filtered", this may result in ports not being displayed. Now, I understand this is not a bug, but rather a design choice, but I think it would be beneficial to may this adjustable. Now this issue is due to the following code wiithin "portlist.cc", int max_per_state = 25; // Ignore states with more ports than this /* We will show more ports when verbosity is requested */ if (o.verbose || o.debugging) { if (o.ipprotscan) max_per_state *= (o.verbose + 3 * o.debugging); else max_per_state *= (o.verbose + 20 * o.debugging); } The result of this is that if more than 25 UDP ports are open on a system, the ports will not be displayed unless the verbosity is turned up (or the debug level is 3 or above). Running, adding -vvvv to the command line to get up to 100 open ports is fine, but if you want to detect a couple of thousands ports, you need quite a lot of v's. I usually add 100 to my command line scripts to be safe. I would propose that a command line option be added to disable this behavior and/or adjust the max_per_state variable. Is this something that could be done? Thanks! Jay _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- Nmap summarizing function results in not all ports being displayed jayrhine (Aug 12)
- <Possible follow-ups>
- Re: Nmap summarizing function results in not all ports being displayed jayrhine (Aug 18)