Nmap Development mailing list archives
RE: Stumbling into the obvious
From: Stephen Kleine <skleine.h6foc1 () cwfinc com>
Date: Tue, 13 Apr 2010 09:15:09 -0400
From: David Fifield [mailto:david () bamsoftware com]
Sent: Friday, April 09, 2010 3:14 PM
To: Stephen Kleine
Cc: nmap-dev () insecure org
Subject: Re: Stumbling into the obvious

On Fri, Apr 09, 2010 at 09:32:13AM -0400, Stephen Kleine wrote:
Obligatory Notice: I'm a relative newcomer to NMAP. After reading about the Mayo Clinic's scan in the book, I did some research on commonly-used Windows ports. I've come up with this scan for Windows systems:

nmap -p 1-1023,1067,1068,1270,1433,1434,1645,1646,1701,1723,1755,1801,1812,1813,1900,2101,2103,2105,2107,2393,2394,2460,2535,2701-2704,2725,2869,3268,3269,3343,3389,3527,4011,4500,5000,5004,5005,5722,6001,6002,6004,42424,51515 -T3 -n -PN

Tell us more about the research you did. How much overlap is there with Nmap's default 1000-port list? You can easily extract the port list from XML output.

------

There is a fair amount of overlap between the Normal scan and the Windows scan I've found (both do the bottom 1023 ports, PPTP is well within the top 67 ports, etc.) As for research on the Windows-specific ports, those can be found at http://support.microsoft.com/kb/832017#5 in the table Ports and Protocols. I suppose the lower 1023 could be eliminated in favor of the Windows ports on that table, but that seems... incomplete to me.

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
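
Added example, not part of the thread or of Nmap itself: one way to measure the overlap asked about above, by expanding the -p list from the message and comparing it with the services attribute of the scaninfo element in Nmap XML output. The function names are hypothetical and the XML is a short constructed sample; a real default scan (saved with -oX) lists 1000 ports there.

```python
import xml.etree.ElementTree as ET

# Port specification copied from the message above.
WINDOWS_SPEC = ("1-1023,1067,1068,1270,1433,1434,1645,1646,1701,1723,1755,1801,"
    "1812,1813,1900,2101,2103,2105,2107,2393,2394,2460,2535,2701-2704,2725,"
    "2869,3268,3269,3343,3389,3527,4011,4500,5000,5004,5005,5722,6001,6002,"
    "6004,42424,51515")

# Constructed sample, NOT real scan output: a real default scan reports
# numservices="1000" and a much longer services list.
SAMPLE_XML = """<?xml version="1.0"?>
<nmaprun scanner="nmap">
  <scaninfo type="syn" protocol="tcp" numservices="12"
            services="21-23,80,443,1433,1723,3389,5000,8080,8443,49152"/>
</nmaprun>"""

def expand_ports(spec):
    """Expand an Nmap-style list such as '1-3,80' into a set of ints."""
    ports = set()
    for part in filter(None, (p.strip() for p in spec.split(","))):
        lo, _, hi = part.partition("-")
        lo, hi = int(lo), int(hi or lo)
        if not 1 <= lo <= hi <= 65535:
            raise ValueError(f"bad port range: {part!r}")
        ports.update(range(lo, hi + 1))
    return ports

def scanned_ports(xml_text, protocol="tcp"):
    """Collect the ports listed in <scaninfo services=...> for one protocol."""
    ports = set()
    for info in ET.fromstring(xml_text).iter("scaninfo"):
        if info.get("protocol") == protocol:
            ports |= expand_ports(info.get("services", ""))
    return ports

def compare(custom_spec, xml_text):
    """Summarise overlap between a custom -p list and the scanned port list."""
    custom, default = expand_ports(custom_spec), scanned_ports(xml_text)
    return {"both": sorted(custom & default),
            "custom_only": len(custom - default),
            "default_only": sorted(default - custom)}

if __name__ == "__main__":
    print(compare(WINDOWS_SPEC, SAMPLE_XML))
```

The default_only list is the useful part: it shows which commonly open ports the custom list would skip.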