Review your favorite Linux distribution.
Go Back > Forums > Linux Forums > Linux - Newbie
User Name
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!


  Search this Thread
Old 10-29-2014, 12:43 PM   #1
Registered: Jun 2013
Posts: 76

Rep: Reputation: Disabled
Nmap combining echo reply with port 161,22,23 testing

I have the need to test a list of ip address for open ports. Ping, or probably more correctly echo reply, ssh, telnet and snmp need to be checked.

This works ok and should be pretty safe.
nmap -sP

Starting Nmap 5.51 ( ) at 2014-10-29 17:20 UTC
Nmap scan report for hostname(
Host is up (0.089s latency).
Nmap done: 1 IP address (1 host up) scanned in 0.21 seconds
As does this

nmap -sTUV -p U:161,T:22,23 -vv -PE --script snmp-brute  --script-args snmplist=snmplist.txt iplist.txt --log-errors
My question is .. is there a way to get all of this info in a single nmap command. I tried the obvious which yields a switch compatibility error and the only output is the echo reply status.

nmap -sTUVP -p U:161,T:22,23 -vv -PE --script snmp-brute  --script-args snmplist=snmplist.txt iplist.txt --log-errors
The Error I get is as follows and you can see I never get a status for 22,23 and 161.

Starting Nmap 5.51 ( ) at 2014-10-29 17:29 UTC
Nmap scan report for hostname (
Host is up (0.23s latency).
Nmap done: 1 IP address (1 host up) scanned in 0.35 seconds
-sL and -sn (skip port scan) are not valid with any other scan types
Thanks for the help folks.
Old 11-22-2014, 03:05 PM   #2
LQ Newbie
Registered: Aug 2014
Posts: 7

Rep: Reputation: Disabled
The -sP switch (renamed -sn to better indicate this meaning, like -n and -Pn) means "skip the port scan phase." This conflicts with the -sTUV which is a combination of switches meaning "Do TCP connect and UDP port scans, followed by service version detection."

Your second command (-sTUV -PE) does what you want; it combines the TCP and UDP scans with an ICMP Echo host discovery method. Any host reported as "Up" has responded to the ICMP Echo Request, so that's one part of your requirement. The rest is exactly what you expect regarding port scans.

A few notes that will improve your experience:
  • Update Nmap. Nmap 5.51 was released in February 2011, and is missing tons of useful upgrades.
  • Unless you're trying to evade an IDS, changing -sT to -sS will speed up your scan by using Nmap's SYN scan mode instead of full 3-way TCP connections. It needs root permissions, but so does -sU.
  • If all you need is open ports, skipping version scanning (remove the V in -sTUV) can save you lots of time. On the other hand, it's a very useful feature when you need to know just what is running.
  • Get in the habit of using one the -oA option. This causes Nmap to save your scan in 3 different formats so you don't lose any info if your terminal crashes. Plus, the XML format contains extra information that's not reported on the screen.


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
ping cannot receive reply but on target machine it shows echo and reply georgewhr Linux - Networking 3 06-25-2014 01:54 AM
iptables port 161 UDP/TCP aocferreira Linux - Networking 7 03-18-2011 04:08 PM
UDP Port 161 kopper27 Linux - Newbie 8 06-09-2010 02:57 PM
LXer: Learn how to use nmap, and nmap GUI, a great port scan tool LXer Syndicated Linux News 0 01-03-2008 09:10 AM
appear to have received our own echo-reply aeh13_2000 Linux - Networking 3 08-17-2006 08:22 AM > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 09:38 AM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration