-
March 29th, 2005, 02:21 AM
#1
Nmap: What ports are scanned by default
I've looked in the MAN page and can't find the answer. I know if I use the -p option I can choose to scan the ones I want, but if you put in no options what range of ports does nmap scan by defaut? I know it's more that -F (Fast scan mode) and less than -p 1-65535.
-
March 29th, 2005, 02:23 AM
#2
Well, you could always fire up tcpdump and see which ports it is but I believe it does the privilege ports by default (1-1024)
Found it. It was in the man page:
-p <port ranges>
This option specifies what ports you want to specify. For exam-
ple "-p 23" will only try port 23 of the target host(s). "-p
20-30,139,60000-" scans ports between 20 and 30, port 139, and
all ports greater than 60000. The default is to scan all ports
between 1 and 1024 as well as any ports listed in the services
file which comes with nmap. For IP protocol scanning (-sO),
this specifies the protocol number you wish to scan for (0-255).
-
March 29th, 2005, 02:26 AM
#3
I looked at one of my old logs and it looks like it goes way above that (it hists 65301, but I don't think every thing between.).
-
March 29th, 2005, 02:33 AM
#4
That might be in the "services file" that comes with nmap.
-
March 29th, 2005, 02:35 AM
#5
I found my answer in Fyodor's book, looks like the default is to scan 1-1024 and every higher one in the nmap-services file. That MsMittens.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|