Nmap top ports

[Neuromance <neuromance.security () gmail com>]

Hi folks,

I noticed a peculiar behavior in the construction of this syntax:

#nmap --open -sV -PN -O -T3 --max-os-tries 5 -sR --top-ports 1500
--min_parallelism 10 -sU -sS  -d -p U:53,161

Starting Nmap 5.51 ( http://nmap.org ) at 2011-08-11 15:46 BRT
PORTS: Using top 1500 ports found open (TCP:0, UDP:2, SCTP:0)

Nmap tells me that only tested two UDP ports even though I specified the
--top-ports. See bellow

#nmap --open -sV -PN -O -T3 --max-os-tries 5 -sR --top-ports 1500
--min_parallelism 10 -sU -sS  -d

Starting Nmap 5.51 ( http://nmap.org ) at 2011-08-11 15:50 BRT
PORTS: Using top 1500 ports found open (TCP:1500, UDP:1500, SCTP:0)

When I do not specify UPD ports nmap tests the "top ports" both UDP and TCP.


I searched the book and site documentation and could not find a simple way
to use the "top ports" for TCP and specify other UDP ports.

It would be interesting to have an option like --top-ports-tcp and
--top-ports-udp that would use the most common ports, TCP or UDP. The user
can specify which protocol he would like to use the "top ports" option. Here
is a example of the syntax that i am suggesting:

#nmap --open -sV -PN -O -T3 --max-os-tries 5 -sR --top-ports-tcp 1500
--min_parallelism 10 -sU -sS  -d -p U:53,161

Starting Nmap 5.51 ( http://nmap.org ) at 2011-08-11 15:50 BRT
PORTS: Using top 1500 ports found open (TCP:1500, UDP:2, SCTP:0)

Please comment this idea.
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/