Verbose port output when scanning with different TCP and UDP port specs

[Roel Schouten <rs () fortconsult net>]

Hello,

When performing a scan with nmap using both the TCP and UDP port 
specification, the port output of nmap is verbose when the target host 
does not reply actively on closed ports.
If the number of TCP ports specified is higher than the number UDP ports, 
a verbose list of filtered UDP ports will be shown in the output.
If the number of UDP ports specified is higher than the number TCP ports, 
a verbose list of filtered TCP ports will be shown in the output.

Splitting the scan up in both a UDP and TCP scan, does not show the 
verbose results.

nmap -sS -sU -p T:1-65535,U:1-1024 <target ip>  - will show a verbose list 
of all UDP ports that time out ("filtered")
 (note: the host I scanned does not reply actively with ICMP port 
unreachables on closed UDP ports)

nmap -sS -sU -p T:1-1024,U:1-2000 <target ip>  - will show a verbose list 
of all TCP ports that time out ("filtered")
 (note: the host I scanned does not reply with RST on closed TCP ports)

nmap -sS -p 1-65535 <target ip>  and  nmap -sU -p 1-1024 <target ip> - 
only short list is shown for each scan

Nmap version: 4.03
OS: Ubuntu 6.06
Kernel: 2.6.15-23


Kind regards,

Roel Schouten
FortConsult
Denmark
www.fortconsult.net



_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev