Nmap Development mailing list archives
Re: Adding custom ports to the default scanned nmap ports
From: Daniel Roethlisberger <daniel () roe ch>
Date: Wed, 4 Nov 2009 22:14:34 +0100
Daniel Roethlisberger <daniel () roe ch> 2009-11-04:
Mika Arasola <nmap-list () arasola fi> 2009-11-03:Hi! I wrote a script using nmap 5 with a purpose of finding any changes in my employers firewall configurations / services open to the internet. There is quite a few networks, and open services include both standard and custom services. A lot of the custom services are on ports which are not included in the nmap-services configuration, and as far as I'm aware I have three way's to have everything scanned: 1) Specify all the scanned ports by hand with the -p switch 2) Add the ports by hand to the nmap-services file (with custom frequency values(??)) 3) Do two scans per network, one with default ports and the other with the custom ones I think both of these way's are pretty bad. The first one contains quite a risk that I leave out some services assuming it won't be open (as it is currently not). Some of the networks are not fully operated by our personnel, and the parties maintaining the firewalls have been known to make pretty silly mistakes in the past. The second option means quite a lot of work, and I still did not find any instructions on what the best practice on setting the frequency would be. The third option would also mean quite a lot of extra work, I already have two scans a day as is. I'm pretty surprised there is no option to use something like a -p+30231-30331 option to add custom ports to what will be scanned by defaultI believe what you want is already there: -p [-],30231-30331. [-] in port lists stands for the top n ports in the services file, n being controlled by --top-ports.
I have to correct myself. [-] stands for *all* ports in the services file. Incidently, in the SCTP case, all ports is the same as the top n ports, since there are so few of them... but not so for TCP. Sorry for the noise.
(maybe retaining the possibility to use the --top-ports or --port-ratio options). Am I alone in feeling such a feature would be useful? Any plans to include such functionality in the future? Thanks, Mika
-- Daniel Roethlisberger http://daniel.roe.ch/ _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Adding custom ports to the default scanned nmap ports Mika Arasola (Nov 03)
- Re: Adding custom ports to the default scanned nmap ports DePriest, Jason R. (Nov 03)
- Re: Adding custom ports to the default scanned nmap ports Daniel Roethlisberger (Nov 04)
- Re: Adding custom ports to the default scanned nmap ports Daniel Roethlisberger (Nov 04)
- Re: Adding custom ports to the default scanned nmap ports DePriest, Jason R. (Nov 04)