Remote Exploit Forums

#1
10-23-2009, 03:31 PM
seven
Member
 
Join Date: May 2007
Posts: 99
nmap -PS -PA -PU flags

Hello!
I have a question. I bought Fyodor's book for NMAP and it's been great! I am really learning the internals and best practices. But one thing I'm confused with is the host discovery flags PS PA PU. Syntax should be P[A/S/U]<port list>
Essentially, it should be probing for hosts by sending either SYN, ACK or UDP probes to the ports suggested. However, when I use it, it detects hosts that are up but on ports I didn't specify.
E.G. @my house
nmap -PS80,21,25 -PA80,21,25 -PU53 192.168.1.0/24 -v
will yield results for my HTTP server, FTP, DNS but also scan ports up to 4444 and higher.
Any reason this is happening? Am I using the flag wrong?

Thank you.
#2
10-23-2009, 04:04 PM
Lincoln
Senior Member
 
Join Date: Apr 2008
Posts: 319

Try separating the ports with -p.

ex: nmap 192.168.1.1 -PS -p 21,25,80 -v
#3
10-29-2009, 07:32 PM
thorin
Senior Member
 
Join Date: Feb 2006
Location: Northern Hemisphere
Posts: 2,445

You're doing it the right way. The thing is the scan isn't limited by those probes/ports. After doing PS/PA/PU it still does the normal run of the default popular 1000 (or 1287) ports. If you don't want nmap to do that then you have to limit the ports to scan with the -p as Lincoln suggested.
#4
11-08-2009, 05:21 PM
Just burned his ISO
 
Join Date: Jan 2009
Posts: 2

The best choice is to use those discovery flags with -sP parameter, so it won't start SYN scan on active systems.

Last edited by Ermak; 11-11-2009 at 03:19 PM.
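The thread's point is that -PS/-PA/-PU only shape host discovery; once a host answers, nmap goes on to scan its default port list unless -p restricts it or -sP (now spelled -sn) drops the port scan. From the receiving side that shows up as a handful of probes on the listed ports followed by a wide sweep. The script below is an added example (not from the thread or from Nmap's own code) that parses the -PS/-PA/-PU syntax seven asked about and, over constructed firewall-style log lines in a hypothetical format, separates the discovery probes from the follow-on port scan per destination host. The no-port-list defaults (80 for -PS/-PA, 40125 for -PU) are the values Nmap documents; everything else (log format, addresses, timestamps) is made up for the example.

```python
import re
from collections import defaultdict

# Hypothetical log format, constructed for this example (not real iptables output):
#   <timestamp> SRC=<ip> DST=<ip> PROTO=<TCP|UDP> DPT=<port> [FLAGS=<S|A>]
LOG_RE = re.compile(
    r"SRC=(?P<src>\S+) DST=(?P<dst>\S+) PROTO=(?P<proto>TCP|UDP) DPT=(?P<dport>\d+)"
    r"(?: FLAGS=(?P<flags>\S+))?"
)

# Port used when -PS/-PA/-PU is given without a port list (Nmap's documented defaults).
DEFAULT_PROBE_PORT = {"-PS": "80", "-PA": "80", "-PU": "40125"}


def parse_discovery_spec(args):
    """Turn the -PS/-PA/-PU<portlist> options on an nmap command line into a set
    of probe signatures (proto, tcp_flag_or_None, port).

    -PS sends a bare SYN, -PA a bare ACK, -PU a UDP datagram.  Everything else
    on the command line (-v, target ranges, -p ...) is ignored here.
    """
    kinds = {"-PS": ("TCP", "S"), "-PA": ("TCP", "A"), "-PU": ("UDP", None)}
    sigs = set()
    for tok in args.split():
        prefix, ports = tok[:3], tok[3:]
        if prefix not in kinds:
            continue
        proto, flag = kinds[prefix]
        for p in (ports or DEFAULT_PROBE_PORT[prefix]).split(","):
            sigs.add((proto, flag, int(p)))
    return sigs


def classify(log_lines, discovery_sigs):
    """Per destination host, separate packets that match a discovery probe from
    the remaining (proto, port) pairs, which are the follow-on port scan."""
    per_host = defaultdict(lambda: {"discovery": set(), "scanned": set()})
    for line in log_lines:
        m = LOG_RE.search(line)
        if not m:
            continue  # not a packet line
        proto, dport = m["proto"], int(m["dport"])
        flag = None if proto == "UDP" else m["flags"]
        bucket = per_host[m["dst"]]
        if (proto, flag, dport) in discovery_sigs:
            bucket["discovery"].add((proto, flag, dport))
        else:
            bucket["scanned"].add((proto, dport))
    return {dst: {"discovery_probes": len(b["discovery"]),
                  "scanned_ports": len(b["scanned"])}
            for dst, b in per_host.items()}


def port_scanned_hosts(summary):
    """Hosts that received packets beyond the discovery probes, i.e. were port scanned."""
    return sorted(d for d, s in summary.items() if s["scanned_ports"] > 0)


# Constructed sample: 192.168.1.50 runs the thread's command against two hosts.
# .10 answered discovery and then received the default port scan; .11 only saw the probes
# (what you would see with -sn, or for a host that never answered discovery).
SAMPLE_LOG = """\
2009-10-23T15:31:00 SRC=192.168.1.50 DST=192.168.1.10 PROTO=TCP DPT=80 FLAGS=S
2009-10-23T15:31:00 SRC=192.168.1.50 DST=192.168.1.10 PROTO=TCP DPT=21 FLAGS=S
2009-10-23T15:31:00 SRC=192.168.1.50 DST=192.168.1.10 PROTO=TCP DPT=25 FLAGS=S
2009-10-23T15:31:00 SRC=192.168.1.50 DST=192.168.1.10 PROTO=TCP DPT=80 FLAGS=A
2009-10-23T15:31:00 SRC=192.168.1.50 DST=192.168.1.10 PROTO=TCP DPT=21 FLAGS=A
2009-10-23T15:31:00 SRC=192.168.1.50 DST=192.168.1.10 PROTO=TCP DPT=25 FLAGS=A
2009-10-23T15:31:00 SRC=192.168.1.50 DST=192.168.1.10 PROTO=UDP DPT=53
2009-10-23T15:31:01 SRC=192.168.1.50 DST=192.168.1.10 PROTO=TCP DPT=22 FLAGS=S
2009-10-23T15:31:01 SRC=192.168.1.50 DST=192.168.1.10 PROTO=TCP DPT=443 FLAGS=S
2009-10-23T15:31:01 SRC=192.168.1.50 DST=192.168.1.10 PROTO=TCP DPT=3306 FLAGS=S
2009-10-23T15:31:01 SRC=192.168.1.50 DST=192.168.1.10 PROTO=TCP DPT=4444 FLAGS=S
2009-10-23T15:31:01 SRC=192.168.1.50 DST=192.168.1.10 PROTO=TCP DPT=8080 FLAGS=S
2009-10-23T15:31:00 SRC=192.168.1.50 DST=192.168.1.11 PROTO=TCP DPT=80 FLAGS=S
2009-10-23T15:31:00 SRC=192.168.1.50 DST=192.168.1.11 PROTO=TCP DPT=21 FLAGS=S
2009-10-23T15:31:00 SRC=192.168.1.50 DST=192.168.1.11 PROTO=TCP DPT=25 FLAGS=S
2009-10-23T15:31:00 SRC=192.168.1.50 DST=192.168.1.11 PROTO=TCP DPT=80 FLAGS=A
2009-10-23T15:31:00 SRC=192.168.1.50 DST=192.168.1.11 PROTO=TCP DPT=21 FLAGS=A
2009-10-23T15:31:00 SRC=192.168.1.50 DST=192.168.1.11 PROTO=TCP DPT=25 FLAGS=A
2009-10-23T15:31:00 SRC=192.168.1.50 DST=192.168.1.11 PROTO=UDP DPT=53
""".splitlines()

THREAD_COMMAND = "nmap -PS80,21,25 -PA80,21,25 -PU53 192.168.1.0/24 -v"


def summarize(log_lines=SAMPLE_LOG, command=THREAD_COMMAND):
    """Convenience wrapper: classify the sample log against the thread's command."""
    return classify(log_lines, parse_discovery_spec(command))


if __name__ == "__main__":
    result = summarize()
    for dst, counts in sorted(result.items()):
        print(dst, counts)
    print("port scanned:", port_scanned_hosts(result))
```

Against the sample, 192.168.1.10 shows seven distinct discovery probes and five further ports, which is thorin's description of the normal run; 192.168.1.11 shows only the seven probes, the footprint you get from the same -PS/-PA/-PU options combined with -sn (or with -p narrowed to the same ports, as Lincoln suggested, in which case the "scanned" set would simply be empty because every packet matches a probe signature).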