Nmap Development mailing list archives
Re: open.scanme.nmap.org suggestion
From: Henri Doreau <henri.doreau () greenbone net>
Date: Sun, 26 Jun 2011 10:29:05 +0200
2011/6/25 Wolfric <wolfric1 () gmail com>:
This is extremely useful for testing which ports are blocked from inside a firewalled environment however I can see how scanning 65k ports could probably piss off whoever is hosting the server as it would probably garner a lot more activity per user and a lot heavier use. Sure if the load becomes too heavy you can just tank the idea and take the domain name offline.
Hi, you can use the firewalk[1] script to do such things. This script automates firewalls rules detection between you and a target. The following command should tell you which ports are blocked, and where: # nmap --traceroute --script firewalk <target>. In case you want to scan a wider ports range you need to disable the firewalk probed-ports limit: # nmap --traceroute -p- --script=firewalk --script-args firewalk.max-probed-ports=-1 <target> This syntax and behavior are only valid for the SVN version of the script (there is a firewalk script shipped with nmap 5.51 but it isn't as convenient as this one). You can download the latest version of the script here: http://nmap.org/svn/scripts/firewalk.nse HTH Regards. [1] http://nmap.org/nsedoc/scripts/firewalk.html -- Henri Doreau | Greenbone Networks GmbH | http://www.greenbone.net Neuer Graben 17, 49074 Osnabrueck, Germany | AG Osnabrueck, HR B 202460 Executive Directors: Lukas Grunwald, Dr. Jan-Oliver Wagner _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- open.scanme.nmap.org suggestion Wolfric (Jun 25)
- Re: open.scanme.nmap.org suggestion Henri Doreau (Jun 26)
- Re: open.scanme.nmap.org suggestion Fyodor (Jun 27)