Security Basics mailing list archives

Re: scanning for a specific service with nmap


From: Ansgar Wiechers <bugtraq () planetcobalt net>
Date: Wed, 30 Jul 2008 17:19:09 +0200

On 2008-07-30 Jorge L. Vazquez wrote:
> guys, how could I use nmap to scan the network for a specific
> server/service without having every single host alive coming back in
> the scan but only that machine in which the service is running... for
> example, let's say I want to scan the network to find only MSSQL
> server which by default uses port 1433, in that case I would use nmap
> with something like this...
>
> nmap -sSV -P0 -p T:1433 192.168.10.0/24
>
> this scan eventually will detect the machine that is running the SQL
> server, the only problem is that it returns every single host alive,
> only that port status is closed as should be expected, but I wonder
> if it is possible to only have returned the host running SQL service.

nmap -sSV -P0 -p T:1433 -oG - 192.168.10.0/24 | awk '/\/open\// {print $2}'

Regards
Ansgar Wiechers
-- 
"All vulnerabilities deserve a public fear period prior to patches
becoming available."
--Jason Coombs on Bugtraq
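
Added example, not part of the original post: the awk filter in the reply matches any line containing "/open/", which is exact when a single port is scanned. The sketch below generalizes it to scans of several ports by checking the state of one specific port in each "Ports:" entry of the grepable (-oG) output. The function names and the sample lines are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample of `nmap -oG -` output (tab-separated fields),
# including a host that has another port open but 1433 closed.
sample_grepable() {
  printf '# Nmap scan (constructed sample)\n'
  printf 'Host: 192.168.10.5 ()\tPorts: 1433/closed/tcp//ms-sql-s///\n'
  printf 'Host: 192.168.10.12 (db01.example.test)\tPorts: 1433/open/tcp//ms-sql-s//Microsoft SQL Server 2005/\n'
  printf 'Host: 192.168.10.20 ()\tPorts: 1433/filtered/tcp//ms-sql-s///\n'
  printf 'Host: 192.168.10.31 ()\tPorts: 80/open/tcp//http///, 1433/closed/tcp//ms-sql-s///\n'
}

# Usage: nmap ... -oG - | hosts_with_open_port PORT [PROTO]
# Prints "address<TAB>service<TAB>version" for hosts where PORT is open.
hosts_with_open_port() {
  awk -v port="$1" -v proto="${2:-tcp}" -F '\t' '
    /^Host: / {
      split($1, h, " ")                 # h[2] is the address
      for (i = 2; i <= NF; i++) {
        if ($i !~ /^Ports: /) continue  # skip "Ignored State:" etc.
        p = $i
        sub(/^Ports: /, "", p)
        n = split(p, entries, /, */)    # one entry per scanned port
        for (j = 1; j <= n; j++) {
          # entry layout: port/state/protocol/owner/service/rpcinfo/version/
          split(entries[j], f, "/")
          if (f[1] == port && f[2] == "open" && f[3] == proto)
            print h[2] "\t" f[5] "\t" f[7]
        }
      }
    }'
}

# Filter from the reply, for comparison on multi-port output.
hosts_with_any_open_port() {
  awk '/\/open\// {print $2}'
}

sample_grepable | hosts_with_open_port 1433
```

Current Nmap releases also provide an --open option, which limits the report to hosts that have at least one open port.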

