Penetration Testing mailing list archives
Re: fast nmap scan of XP boxes?
From: Tim <tim-pentest () sentinelchicken org>
Date: Sat, 13 Aug 2005 10:04:13 -0400
I am using nmap to create a list of targets that I will then use other tools to test. My problem is how can I do a fast scan of a large (class B) network of systems running XP, most with firewalling turned on? Will nmap -sP still find the systems if ping does not? What I am trying now is a tcp connect scan to the M$ ports. It seems to find all the systems, but it takes a VERY long time.
nmap provides quite good man pages. I recommend you read through them. -sP -PS 135,139,445 might just do the trick, but you should decide this for yourself after reading the documentation on the -PX options.

tim