Re: Using --top-ports for UDP selection only?

["DePriest, Jason R." <jrdepriest () gmail com>]

On Thu, Apr 28, 2011 at 3:38 AM, Fyodor <> wrote:
> On Thu, Apr 21, 2011 at 12:59:41PM -0500, Chris Clements wrote:
> > Hi all,
> >
> > Is there a way I can tell nmap to scan all TCP ports, but only the top, say,
> > 200 most common UDP ports?  My first thought was to use "‹top-ports 200" and
> > specifying only TCP ports with ­p (-p T:1-65535), but it seems that
> > specifying specific TCP ports  overrides the top port selection for UDP.
>
> Admittedly this is a little bit of a hack, but I first generate the
> list of top UDP ports (10 in this case):
>
> ./nmap -oX - -sU --top-ports 10
>
> The output 'scaninfo' line includes the services list in Nmap format:
>
> 53,67,123,135,137-138,161,445,631,1434
>
> So then I can run Nmap with:
>
> -p T:1-65535,U:53,67,123,135,137-138,161,445,631,1434
>
> Of course if this becomes a common incantation, you save the Nmap
> command string to use later.  Or you can get all fancy and make a
> custom nmap-services with just those ports you're interested in.

That is pretty much what I do.  I have a shell script with -pT:-,U:{a
bunch of ports}

It includes the Top 25 UDP ports and another 10 or 15 that I want to include.

My biggest problem with running nmap from a shell script is that
interactive mode doesn't work any longer and that's not something you
can fix.

Having a topX alias available for TCP and UDP independentaly would be
nice.  So would having a way to say topX but not Y and Z.

Until then, shell scripts are the way to go.

-Jason
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/