On Sun, 12 Dec 2004 02:30:51 +0800, Emanuel Gardaya Calso <[EMAIL PROTECTED]> wrote: > To scan open UDP ports, try as root: > # nmap -sU
You should be aware that UDP port scanning is a tricky issue because false positives are common. A "closed result" is reliable, but firewalled/blocked UDP ports will result in a false "open" result, which is why nmap actually reports these as "open|filtered." >From the nmap man page: "The technique is to send 0 byte UDP packets to each port on the target machine. If we receive an ICMP port unreachable message, then the port is closed. If a UDP response is received to the probe (unusual), the port is open. If we get no response at all, the state is "open|filtered", meaning that the port is either open or packet filters are blocking the communication. Versions scan (-sV) can be used to help differentiate the truly open ports from the filtered ones." Running "netstat -nlpu" will give you the authoritative list of listening UDP ports on your box along with the names of the processes which are handling those ports. -bodgie -- Philippine Linux Users' Group (PLUG) Mailing List [EMAIL PROTECTED] (#PLUG @ irc.free.net.ph) Official Website: http://plug.linux.org.ph Searchable Archives: http://marc.free.net.ph . To leave, go to http://lists.q-linux.com/mailman/listinfo/plug . Are you a Linux newbie? To join the newbie list, go to http://lists.q-linux.com/mailman/listinfo/ph-linux-newbie
