Nmap Development mailing list archives

Re: nmap patch: unique list of tcp, udp and protocol ranges


From: H D Moore <hdm () secureaustin com>
Date: Thu, 19 Jul 2001 14:24:55 -0500

Re: UDP Port Scanning

A method I use for finding open UDP ports (in a fast amount of time):

1. Take 3 known closed ports, scan for them only.  If any of these come back 
as open, give up.

2. Then scan your trimmed list of common ports PLUS the original three closed 
ones.  If the "closed" ports come back as open, throw away all your results.


BTW, I am almost done with a loadable output module system for nessus.  Think 
of the snort plugin architecture ported to nmap.  You can use this to create 
new output types, perform banner checking, or automatically exploit systems 
based on open ports ;)  I need to move it all over to Beta26 (damnit F, stop 
writing code so fast =p ) and will then release it to Fyodor and the rest of 
the nmap-dev/hacker people for review.


On Thursday 19 July 2001 02:13 pm, Preston M. Norvell wrote:
I was actually just digging around today trying to discern whether I
wanted to take that task on myself.  Fortunately, I checked prior to
starting.

This would be a nice feature to have in the main tree, as I'm working on
a patch to nessus that allows one to specify distinct port ranges for
TCP and UDP, thus improving the usability of the scanner in situations
where specifying all UDP ports would take an obscenely long time.
Having this ability in the main nmap tree would make it simple to get my
modifications into the nessus main tree (ulterior motives have I).

Thanks much for putting this together.

--
Preston M Norvell - Sr. Network Engineer
Mercury Data Group, Inc.
http://www.mdgi.com
Ph:  907.274.1510x16
Fax: 907.274.1511


---------------------------------------------------------------------
For help using this (nmap-dev) mailing list, send a blank email to
nmap-dev-help () insecure org . List run by ezmlm-idx (www.ezmlm.org).
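
The two-step control-port check described in the message above, as an added example that is not part of the original post or of nmap. The `probe` callable, the port numbers and the simulated hosts are constructed assumptions; the reply-budget model reflects that a UDP scan reads a missing reply as "open".

```python
from typing import Callable, Dict, Iterable, Optional

# probe(port) returns True when the scan reports that UDP port as open.
# The scanner behind it is out of scope; any tool can be wrapped this way.
Probe = Callable[[int], bool]

def validated_udp_scan(probe: Probe, controls: Iterable[int],
                       common: Iterable[int]) -> Optional[Dict[int, bool]]:
    """Return {port: is_open} for `common`, or None if the controls say
    the results cannot be trusted."""
    controls = list(controls)
    # Step 1: scan only the known-closed ports; any "open" means give up.
    if any(probe(p) for p in controls):
        return None
    # Step 2: scan the common ports plus the same controls (scanned last).
    targets = [p for p in dict.fromkeys(common) if p not in controls] + controls
    results = {p: probe(p) for p in targets}
    if any(results[p] for p in controls):
        return None  # a "closed" port read as open: discard everything
    return {p: state for p, state in results.items() if p not in controls}

def make_host(open_ports, reply_budget=None):
    """Constructed stand-in for a scanned host (not real scan data).
    A closed port reads as closed only while the host still answers:
    reply_budget=0 models a filter that drops every answer, a small
    budget models rate-limited error replies, None means no limit."""
    left = [reply_budget]
    def probe(port: int) -> bool:
        if port in open_ports:
            return True
        if left[0] is None:
            return False
        if left[0] > 0:
            left[0] -= 1
            return False
        return True  # no answer arrived, so the scan reports "open"
    return probe

CONTROLS = [40001, 40002, 40003]   # assumed closed; constructed values
COMMON = [53, 123, 161, 500]       # constructed trimmed list

if __name__ == "__main__":
    for name, host in [("plain", make_host({53, 161})),
                       ("filtered", make_host({53}, reply_budget=0)),
                       ("rate-limited", make_host({53, 161}, reply_budget=4))]:
        print(name, validated_udp_scan(host, CONTROLS, COMMON))
```

The rate-limited host passes step 1 but is caught in step 2, which is why the controls are scanned again alongside the common ports.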



