From: John Forristel (SunGard-Chico) (John.Forristel@sungardbi-tech.com)
Date: Mon Oct 29 2007 - 09:11:03 EST
Yes, UDP scanning takes a long time. With TCP, the port responds with =
an ACK or RST, or nothing. Since UDP isn't quite as polite (to us), it =
takes a while to time out. It also makes the scanning less accurate, =
but certainly not useless. It is a good way to find rcpbind ports.
In UDP scanning, we are looking for the CLOSED ports, not the open ones. =
UDP is not required to give a response. Fortunately, however, most =
have ICMP_PORT_UNREACHABLE running to tell us which ones are closed. =
The ports that respond are assumed to be closed, and the rest are =
assumed to be open.
Quoted text:
Hi all,
I have completed a udp scan on an embedded device in the lab and the
scan duration was 18.22 hours.
The scan syntax used is as follows:
nmap -sU -p0-65535 <ip_addr>
Should a UDP scan take such a long time? Could the scan time relate to
some problem with the device?
Kind Regards
Kevin
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.5.503 / Virus Database: 269.15.12/1096 - Release Date: 10/27/2007 11:02 AM
------------------------------------------------------------------------
This list is sponsored by: Cenzic
Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!
http://www.cenzic.com/downloads
------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:58:11 EDT