Nmap Development mailing list archives
Re: Detecting a single open port
From: David Fifield <david () bamsoftware com>
Date: Sat, 18 Oct 2008 16:56:24 -0600
On Sat, Oct 18, 2008 at 10:08:40PM +0000, Jack Grahl wrote:
Jack Grahl wrote:
It would be useful to have an nmap mode which stops as soon as it has detected a single open port (per host).

What about TCP Ping scan? nmap -sP -PT80,25,22... might not be enough for what you want...

This is almost enough. I would like it to tell me the number of the port which is open, rather than just . I would also like it to use the portlist which I believe is built into nmap, and which optimizes finding an open port after as few tries as possible (and which includes all ports). Doing a SYN scan as a ping test at the moment without a portlist means just port 80 is scanned.
I think it's still not well known that the -PS, -PA, -PU, etc., options can take a port list in that same syntax as -p.

nmap -sP -PS'1-1024,[1025-]'

However that's not a complete solution for your problem because it scans the ports sequentially (in a port scan Nmap cheats and puts more common ports first), it doesn't use --top-ports logic, and you don't get the port that responded, even with --reason.

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
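The behaviour asked for in this thread (probe likely ports first, stop at the first one that answers, and report which port it was) can be sketched outside Nmap with plain TCP connects. This is an added example, not part of the message and not Nmap code; the function names and the `COMMON_FIRST` ordering are assumptions for illustration, not Nmap's built-in port frequency data.

```python
import socket
from typing import Iterable, List, Optional

# Constructed ordering for illustration: ports that are often open come first.
# Assumption: this is NOT Nmap's own frequency table.
COMMON_FIRST = [80, 443, 22, 25, 21, 23, 3389, 110, 445, 139]


def ordered_ports(candidates: Iterable[int],
                  priority: Iterable[int] = COMMON_FIRST) -> List[int]:
    """Ports listed in `priority` first (in that order), the rest ascending."""
    wanted = set(candidates)
    head = [p for p in priority if p in wanted]
    tail = sorted(wanted - set(head))
    return head + tail


def first_open_port(host: str, candidates: Iterable[int],
                    timeout: float = 1.0,
                    priority: Iterable[int] = COMMON_FIRST) -> Optional[int]:
    """Return the first port that completes a TCP handshake, or None.

    Probing stops at the first success, so the caller learns which port
    answered and the remaining ports are never touched.
    """
    for port in ordered_ports(candidates, priority):
        try:
            with socket.create_connection((host, port), timeout=timeout):
                return port
        except OSError:
            # Refused, timed out or unreachable: move on to the next port.
            continue
    return None


if __name__ == "__main__":
    # Loopback only: open one listener, then find it among closed ports.
    listener = socket.socket()
    listener.bind(("127.0.0.1", 0))
    listener.listen(1)
    open_port = listener.getsockname()[1]
    print(first_open_port("127.0.0.1", [open_port, 1, 7], timeout=0.5))
    listener.close()
```

Unlike the `-sP -PS<portlist>` ping scan described above, the return value names the port that responded, and the probe order is driven by the priority list rather than by numeric sequence.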