Nmap Development mailing list archives
Re: feature suggestion: --udp_reliable
From: Fyodor <fyodor () insecure org>
Date: Sat, 23 Nov 2002 00:15:51 -0800
On Fri, Nov 22, 2002 at 11:52:35PM -0800, Florin Andrei wrote:
That's why i think it would be useful to have an option to mark unresponsive UDP ports as "filtered", just the same as the ports that send back port-unreachable, and mark "open" only the ports that actually send back a UDP reply.
The problem with this is that most open UDP ports do NOT send back any reply to the 0-byte UDP packet. So "filtered" ports that do not send back an ICMP administratively-prohibited erro look just like open ports. In that case, I would usually rather err on the side of reporting filtered ports as open. That is usually less dangerous than giving people false assurance that all their ports are "filtered". Perhaps I should add an "unknown" state. At some point, Nmap may provide an option to spend a bunch of application-specific UDP packets. That would help coax out resposes, and those responses would tell not only that the port is open but what application service is running. Cheers, -F --------------------------------------------------------------------- For help using this (nmap-dev) mailing list, send a blank email to nmap-dev-help () insecure org . List run by ezmlm-idx (www.ezmlm.org).
Current thread:
- feature suggestion: --udp_reliable Florin Andrei (Nov 22)
- Re: feature suggestion: --udp_reliable Fyodor (Nov 23)
- Re: feature suggestion: --udp_reliable R Anderson (Nov 24)
- Re[2]: feature suggestion: --udp_reliable Bo Cato (Nov 28)
- Re: feature suggestion: --udp_reliable R Anderson (Nov 29)
- Re: feature suggestion: --udp_reliable Rasmus Andersson (Nov 29)
- Re: feature suggestion: --udp_reliable R Anderson (Nov 24)
- Re: feature suggestion: --udp_reliable Fyodor (Nov 23)