Old 10-29-2014, 01:43 PM   #1
sumncguy
Nmap combining echo reply with port 161,22,23 testing


I have the need to test a list of IP addresses for open ports. Ping, or probably more correctly echo reply, ssh, telnet and snmp need to be checked.

This works ok and should be pretty safe.
Code:
nmap -sP  10.10.10.10

Starting Nmap 5.51 ( http://nmap.org ) at 2014-10-29 17:20 UTC
Nmap scan report for hostname(10.10.10.10)
Host is up (0.089s latency).
Nmap done: 1 IP address (1 host up) scanned in 0.21 seconds
As does this

Code:
nmap -sTUV -p U:161,T:22,23 -vv -PE --script snmp-brute  --script-args snmplist=snmplist.txt iplist.txt --log-errors
My question is: is there a way to get all of this info in a single nmap command? I tried the obvious, which yields a switch compatibility error, and the only output is the echo reply status.

Code:
nmap -sTUVP -p U:161,T:22,23 -vv -PE --script snmp-brute  --script-args snmplist=snmplist.txt iplist.txt --log-errors
The error I get is as follows, and you can see I never get a status for 22, 23 and 161.

Quote:
Starting Nmap 5.51 ( http://nmap.org ) at 2014-10-29 17:29 UTC
Nmap scan report for hostname (10.10.10.10)
Host is up (0.23s latency).
Nmap done: 1 IP address (1 host up) scanned in 0.35 seconds
-sL and -sn (skip port scan) are not valid with any other scan types
QUITTING!
Thanks for the help folks.
 
Old 11-22-2014, 04:05 PM   #2
bonsaiviking
The -sP switch (renamed -sn to better indicate this meaning, like -n and -Pn) means "skip the port scan phase." This conflicts with the -sTUV which is a combination of switches meaning "Do TCP connect and UDP port scans, followed by service version detection."

Your second command (-sTUV -PE) does what you want; it combines the TCP and UDP scans with an ICMP Echo host discovery method. Any host reported as "Up" has responded to the ICMP Echo Request, so that's one part of your requirement. The rest is exactly what you expect regarding port scans.

A few notes that will improve your experience:
  • Update Nmap. Nmap 5.51 was released in February 2011, and is missing tons of useful upgrades.
  • Unless you're trying to evade an IDS, changing -sT to -sS will speed up your scan by using Nmap's SYN scan mode instead of full 3-way TCP connections. It needs root permissions, but so does -sU.
  • If all you need is open ports, skipping version scanning (remove the V in -sTUV) can save you lots of time. On the other hand, it's a very useful feature when you need to know just what is running.
  • Get in the habit of using the -oA option. This causes Nmap to save your scan in 3 different formats so you don't lose any info if your terminal crashes. Plus, the XML format contains extra information that's not reported on the screen.
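
Added example, not part of either post above: one way to turn the XML file that -oA writes into the single per-host report the question asks for, with the host discovery result next to the state of 22/tcp, 23/tcp and 161/udp. The names `summarize`, `WANTED` and `SAMPLE_XML` are hypothetical, and the sample XML is constructed in the layout of Nmap's XML output rather than taken from a real scan.

```python
import xml.etree.ElementTree as ET

# Ports from the thread's command line: -p U:161,T:22,23
WANTED = [("tcp", 22), ("tcp", 23), ("udp", 161)]

# Constructed sample in the layout of Nmap's XML output; not real scan data.
SAMPLE_XML = """<?xml version="1.0"?>
<nmaprun scanner="nmap">
  <host>
    <status state="up" reason="echo-reply"/>
    <address addr="10.10.10.10" addrtype="ipv4"/>
    <ports>
      <port protocol="tcp" portid="22"><state state="open" reason="syn-ack"/></port>
      <port protocol="tcp" portid="23"><state state="closed" reason="conn-refused"/></port>
      <port protocol="udp" portid="161"><state state="open|filtered" reason="no-response"/></port>
    </ports>
  </host>
  <host>
    <status state="down" reason="no-response"/>
    <address addr="10.10.10.11" addrtype="ipv4"/>
  </host>
</nmaprun>
"""

def summarize(xml_text, wanted=WANTED):
    """Return one dict per host: address, discovery result, state of each wanted port."""
    rows = []
    for host in ET.fromstring(xml_text).iter("host"):
        addr = host.find("address[@addrtype='ipv4']")
        status = host.find("status")
        # Index the <port> elements Nmap listed individually for this host.
        seen = {}
        for port in host.iter("port"):
            key = (port.get("protocol"), int(port.get("portid")))
            seen[key] = port.find("state").get("state")
        row = {
            "addr": addr.get("addr") if addr is not None else "unknown",
            "host": status.get("state"),
            "echo_reply": status.get("reason") == "echo-reply",
        }
        # Hosts that are down are never port scanned, so they get a distinct marker.
        missing = "not-listed" if row["host"] == "up" else "not-scanned"
        for proto, number in wanted:
            row["%d/%s" % (number, proto)] = seen.get((proto, number), missing)
        rows.append(row)
    return rows

if __name__ == "__main__":
    for r in summarize(SAMPLE_XML):
        print(r)
```

A UDP state of `open|filtered` means Nmap got no response at all, so 161/udp in that state is not confirmed open. On a local Ethernet segment a privileged Nmap discovers hosts with ARP, so the status reason there is `arp-response` rather than `echo-reply`.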