Nmap Development mailing list archives
feature suggestion: --udp_reliable
From: Florin Andrei <florin () sgi com>
Date: 22 Nov 2002 23:52:35 -0800
Quoting from the manual page: ################## UDP scans: This method is used to determine which UDP (User Datagram Protocol, RFC 768) ports are open on a host. The tech‐nique is to send 0 byte udp packets to each port on the target machine. If we receive an ICMP port unreachable message, then the port is closed. Otherwise we assume it is open. ################## I agree with the logic behind this decision (assume the unresponsive ports to be open). It is the normal thing to do, given the fact that portscans over the Internet are often made in an environment with a lot of packet losses. However, it might be useful to let users "who know what they are doing" to tweak this behaviour. For example, some simple Windows firewalls (yeah, i know :-P) choose to just drop packets, without sending back an ICMP-port-unreachable. nmap will interpret that as an open port, which is false. When portscanning in a reliable environment, like in the same LAN, with no network load/losses/collisions, you can be pretty much sure you will receive any port unreachable when it is sent back to you. That's why i think it would be useful to have an option to mark unresponsive UDP ports as "filtered", just the same as the ports that send back port-unreachable, and mark "open" only the ports that actually send back a UDP reply. Of course, in this case nmap should be more persistent and try a few more times before giving up and marking the port as "filtered". The lack of this option caused me much grief tonight when i tried to debug some Windows firewall; i thought it didn't blocked some UDP ports, when in fact it was blocking them too well, but nmap thought the ports were open because they were not responding. :-( Only when i started tcpdump i saw what the truth really was. -- Florin Andrei It's ok to use the names of your pets or children as passwords as long as they contain several non-alphanumeric characters. --------------------------------------------------------------------- For help using this (nmap-dev) mailing list, send a blank email to nmap-dev-help () insecure org . List run by ezmlm-idx (www.ezmlm.org).
Current thread:
- feature suggestion: --udp_reliable Florin Andrei (Nov 22)
- Re: feature suggestion: --udp_reliable Fyodor (Nov 23)
- Re: feature suggestion: --udp_reliable R Anderson (Nov 24)
- Re[2]: feature suggestion: --udp_reliable Bo Cato (Nov 28)
- Re: feature suggestion: --udp_reliable R Anderson (Nov 29)
- Re: feature suggestion: --udp_reliable Rasmus Andersson (Nov 29)
- Re: feature suggestion: --udp_reliable R Anderson (Nov 24)
- Re: feature suggestion: --udp_reliable Fyodor (Nov 23)