Penetration Testing mailing list archives
RE: nmap udp scan time
From: "John Forristel (SunGard-Chico)" <John.Forristel () sungardbi-tech com>
Date: Mon, 29 Oct 2007 07:11:03 -0700
Yes, UDP scanning takes a long time. With TCP, the port responds with = an ACK or RST, or nothing. Since UDP isn't quite as polite (to us), it = takes a while to time out. It also makes the scanning less accurate, = but certainly not useless. It is a good way to find rcpbind ports. In UDP scanning, we are looking for the CLOSED ports, not the open ones. = UDP is not required to give a response. Fortunately, however, most = have ICMP_PORT_UNREACHABLE running to tell us which ones are closed. = The ports that respond are assumed to be closed, and the rest are = assumed to be open. Quoted text: Hi all, I have completed a udp scan on an embedded device in the lab and the scan duration was 18.22 hours. The scan syntax used is as follows: nmap -sU -p0-65535 <ip_addr> Should a UDP scan take such a long time? Could the scan time relate to some problem with the device? Kind Regards Kevin No virus found in this outgoing message. Checked by AVG Free Edition. Version: 7.5.503 / Virus Database: 269.15.12/1096 - Release Date: 10/27/2007 11:02 AM ------------------------------------------------------------------------ This list is sponsored by: Cenzic Need to secure your web apps NOW? Cenzic finds more, "real" vulnerabilities fast. Click to try it, buy it or download a solution FREE today! http://www.cenzic.com/downloads ------------------------------------------------------------------------
Current thread:
- nmap udp scan time Kevin Mc Grath (Oct 26)
- Re: nmap udp scan time Gleb Paharenko (Oct 29)
- RE: nmap udp scan time Strykar (Oct 29)
- Re: nmap udp scan time Anders Thulin (Oct 29)
- RE: nmap udp scan time John Forristel (SunGard-Chico) (Oct 29)
- Re: nmap udp scan time Fyodor (Oct 30)
- <Possible follow-ups>
- Re: nmap udp scan time jpecou (Oct 29)
- Re: nmap udp scan time jason_jones98 (Oct 30)