Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Version Detection based on past TCP/UDP scan results

From: Fyodor <fyodor () insecure org>
Date: Thu, 31 May 2007 01:43:34 -0700
On Wed, May 30, 2007 at 06:51:47PM +0000, Hyper 4S wrote:

E.g. we have "output", the result of the scan "nmap -sS -sU -p0-65535 -oG 
output [host]"

After having run this scan, we decide we would like to do version detection 
on all found ports listed in "output", as "nmap -sS -sU -sV -p0-65535 
[host]" would give us by rescanning the host.

Is there a way to speed this up by skipping this redundant pre-version 
detection scan, and relying on the portscan results found during an earlier 
run?


There is not a way to do that.  However, if you specify the exact
TCP/UDP port numbers you know are open with -p, the time to scan those
few ports is generally immaterial compared to the version scan time
against the ports.

Cheers,
-F

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
Previous By Date Next
Previous By Thread Next

Current thread: