Closed pisuke closed 4 years ago
Can you be more specific? AFAIK nmap does scan all ports.
Keep in mind that UDP ports can't easily be scanned because they will likely "do nothing" if probed with bogus data.
nmap scans the first 1000 TCP ports with default options. To add UDP scan the -sU option can be used. To scan all 65535 ports the -p- option can be used. This might make the scan very slow though, what do you think? Perhaps we could have a configuration file to scan for relevant building systems ports?
I played around with this and scanning all ports is ridiculously slow. This is affected by microsegmentation, which makes it slower, so it might be that there are two different scans that are done at different times.
Scanning UDP didn't do anything useful -- the protocol has no built-in reply so it doesn't generally respond to random probes. Then it made it slower.
And yes, a config file for building ports would be good.
We need to break this down into smaller items since "scan all ports" is too big to be actionable.
Still an issue preventing sign-off of security.ports.nmap test. Need a -p1 option when running nmap
Sample commands for TCP/UDP:
TCP: nmap -p0- -v -A
UDP: nmap -sUV -F
Expand to scan other ports, especially the ones relevant for building systems.
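
The configuration-file idea raised in this thread, sketched as an added example (not code from the project): it turns a per-protocol port list into a single targeted nmap invocation, so UDP is probed only on the ports that are listed instead of across the whole range. The config format, the function names, the sample port list and the 192.0.2.10 target are assumptions made for illustration.

```python
# Added example. Hypothetical config format: one "PORT/proto  name" entry per line.
SAMPLE_CONFIG = """\
# constructed sample: ports commonly used by building-automation protocols
502/tcp     modbus
47808/udp   bacnet
1883/tcp    mqtt
8883/tcp    mqtt-tls
3671/udp    knxnet-ip
"""

def parse_port_config(text):
    """Return {'tcp': [...], 'udp': [...]} with sorted, de-duplicated ports."""
    ports = {"tcp": set(), "udp": set()}
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()      # drop comments and blank lines
        if not line:
            continue
        spec = line.split()[0]                   # the service name is informational
        port_s, sep, proto = spec.partition("/")
        proto = proto.lower()
        if not sep or proto not in ports or not port_s.isdigit():
            raise ValueError(f"line {lineno}: expected PORT/tcp or PORT/udp, got {spec!r}")
        port = int(port_s)
        if not 0 <= port <= 65535:
            raise ValueError(f"line {lineno}: port {port} out of range")
        ports[proto].add(port)
    return {proto: sorted(found) for proto, found in ports.items()}

def build_nmap_args(ports, target):
    """Build an nmap argv that probes only the configured ports."""
    if not (ports["tcp"] or ports["udp"]):
        raise ValueError("no ports configured")
    args, spec = ["nmap"], []
    if ports["tcp"]:
        args.append("-sS")                       # TCP SYN scan (needs privileges)
        spec.append("T:" + ",".join(map(str, ports["tcp"])))
    if ports["udp"]:
        args.append("-sU")                       # UDP scan, limited to the listed ports
        spec.append("U:" + ",".join(map(str, ports["udp"])))
    return args + ["-p", ",".join(spec), target]

if __name__ == "__main__":
    # 192.0.2.10 is a documentation-range placeholder for the device under test.
    print(" ".join(build_nmap_args(parse_port_config(SAMPLE_CONFIG), "192.0.2.10")))
```
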