Re: Patch/Feature req.: Multiple ports when doing raw tcp ping

[R Anderson <listbox () pole-position org>]

Gabriel L. Somlo wrote:

> I'm wondering if it may not be worth allowing for *several* tcp ports
> to use when doing tcp pings.
>
> I've whipped up a patch to 3.10ALPHA6 which implements this. The usage
> would be something like this:
>
>         nmap -sS -PT22,80,55555
>
> When doing this as non-root via TCP connect, only the first specified
> port (22) would be used. However, when doing it as root, raw tcp pings
> would be sent to all ports, thus improving the chances of correctly
> predicting whether any individual host is up or down.
>
> Let me know what you guys think about this...
>
> Thanks,
>
> Gabriel


Yeah, I've had situations where this would have come handy.

All ports are pinged at once, right? We could add some stealth by first 
trying one port, then trying the next port for hosts that didn't answer, 
and so on. Or maybe that's overkill :-)


---------------------------------------------------------------------
For help using this (nmap-dev) mailing list, send a blank email to 
nmap-dev-help () insecure org . List run by ezmlm-idx (www.ezmlm.org).