Nmap Development mailing list archives
nmap patch: unique list of tcp, udp and protocol ranges
From: William McVey <wam () cisco com>
Date: Wed, 11 Jul 2001 15:22:42 -0400
I was recently surprised to observe that when nmap does a tcp and udp scan in the same pass, it scans the same list of ports under both protocols. This is independent of the tcp or udp specification in the nmap-services file. Similarly, when doing a tcp and udp scan of ports specified with the -p option, each of the specified ports is tcp scanned then udp scanned. This is due to a single array being used to store the "port list".

I've released a patch against nmap-2.54BETA25 (I'd completed my changes by the time BETA26 came out) which changes the "port list" to a port list structure containing a list (and a count) of tcp port numbers to scan, udp port numbers to scan and IP protocol numbers to scan. The patch is available at http://www.networkexploits.com/projects/nmap/

Also included in the patch is an enhanced -p option. If your port range contains a 'T:' all ports specified from then on (until another protocol identifier) are TCP ports to scan. Similarly, 'U:' will specify a udp range and 'P:' specifies protocol numbers. For example:

    nmap -sT -sU -p T:1-1024,U:1-22,69,161,2049,31337 localhost

If no T:, U:, or P: flags are associated with the argument to -p, the program behaves like it always did (the range to all of the port lists for each protocol type).

There is one bug I know about, which shouldn't be encountered very often. If you specify a tcp scan and only specify udp ports (or vice versa) via an nmap-services file or with the -p option, then the scan will hang. I will be working on squashing this bug soon, but I wanted to release the patch since it may take me a while to get back to working on nmap.

-- William

P.S. I have another patch on the same site that adds a --portfile option to specify an alternate file other than NMAPDIR/nmap-services to use for fast mode (-F). If this is of use to you, be sure to let Fyodor know so he can gauge whether it should be made part of the main nmap distribution.
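The -p syntax described in the message above, as an added example that is not part of the original post and is not the patch's code: a small C parser that fills separate, duplicate-free TCP, UDP and protocol lists and reports a requested scan type left with no ports. The names `port_lists`, `parse_portspec` and `empty_lists`, the bitmask layout, and the 0-255 limit on protocol numbers are assumptions made for illustration.

```c
#include <stdlib.h>
#include <string.h>
#define MAXPORT 65535
enum { TCP = 1, UDP = 2, PROTO = 4 };

/* Hypothetical layout (not the patch's): membership mask plus a count per list. */
struct port_lists {
    unsigned char member[MAXPORT + 1];  /* TCP|UDP|PROTO bits per number */
    int tcp_count, udp_count, proto_count;
};

/* Parse e.g. "T:1-1024,U:53,161"; returns 0 on success, -1 on a malformed spec. */
int parse_portspec(const char *p, struct port_lists *pl)
{
    int target = TCP | UDP | PROTO;     /* no prefix: range goes to every list */
    memset(pl, 0, sizeof *pl);
    while (*p) {
        if ((*p == 'T' || *p == 'U' || *p == 'P') && p[1] == ':') {
            target = *p == 'T' ? TCP : *p == 'U' ? UDP : PROTO;
            p += 2;                     /* stays in effect until the next prefix */
        }
        char *end;
        if (*p < '0' || *p > '9') return -1;
        long lo = strtol(p, &end, 10), hi = lo;
        if (*end == '-') {
            if (end[1] < '0' || end[1] > '9') return -1;
            hi = strtol(end + 1, &end, 10);
        }
        if (lo > hi || hi > MAXPORT) return -1;
        for (long n = lo; n <= hi; n++) {
            int add = target & ~pl->member[n];  /* keep each list unique */
            if (n > 255) add &= ~PROTO;         /* assumption: protocol numbers are 8-bit */
            pl->member[n] |= add;
            pl->tcp_count += !!(add & TCP);
            pl->udp_count += !!(add & UDP);
            pl->proto_count += !!(add & PROTO);
        }
        if (*end == ',' && end[1]) p = end + 1;
        else if (*end) return -1;               /* junk or trailing comma */
        else p = end;
    }
    return 0;
}

/* Requested scan types whose list is empty: the case the post says hangs. */
int empty_lists(int scans, const struct port_lists *pl)
{
    return scans & ((pl->tcp_count ? 0 : TCP) | (pl->udp_count ? 0 : UDP) | (pl->proto_count ? 0 : PROTO));
}
```

Calling `empty_lists(TCP | UDP, &pl)` after parsing lets a caller reject a spec such as `U:53,161` for a combined TCP and UDP scan before any scanning starts.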