6 hours 31 minutes
now we'll do. Ah, awesome. UDP scans
and I just wantedto tell you that UDP skins do take longer so I'll try to minimize the the number of ports that we scan here. But, Phil Frito, test it on your own.
syntax is using ah dash s you and then the rest of it is the same dash P space and then the port number.
And as I've told you before, I like to put the target at the end.
Okay, that was pretty quick scan, Really, Even though it was UDP
and for 53 is open on UDP
just d N s.
So we'll do Ah,
clear screen and I'll d'oh
map Dash s u
dash p will do multiple beauty people. It's this time
and I don't know if you noticed, but I'm choosing ports that I know
responded in previous scans.
So it enter
why this one
responded, I think. But I know RBC Bind
can be found on Windows Server So I wanted you to also see that the state here is open filtered.
Oh, and 1 11 is closed.
So it's really good information.
All right, Now do and map dash, s u
all right. This one takes a little bit of time, so go and run it.
And the main point here was to show you again that you can
separate reports by comma, But then you can also do a range,
and you could do the range first and then a comma and then specific ports if you want, or vice versa.
There's a lot of flexibility here in that map
entered to seethe status.
all right, I'm gonna go and cancel the scan because I don't want to make this lab longer than it needs to be. You get the point? I think
so. Have a control. See,
Clear the screen again
and again. I want to show you that you could do Ah,
a name service scan, which is like a map
so the same with TCP. You can specify it by the names of the service's.
And we see,
port states of open, open, filtered and closed on the service's and these ports,
and they're all GDP.
All right, so
I think you get the point there.
Now I want to show you how to do TCP syn and UDP scans of specific target specific ports.
So do a M out Dash s s
Dash s u
with a fast scan.
I actually think I might have already shown you this scan, but again, the main point is,
if you include Dash s Capitol you, which is UDP scan.
But you also want a TCP skin. You have to specify it. Otherwise, it'll Onley scan UDP So
I think I already showed you. So I'm gonna cancel that one.
So you and map Dash s
huh? Did again?
all right? This should go fast. I'm scanning T c b N u T p ports 53.
And the reason why I chose 53 is because that's d N s d n a server and client uses
I knew that those sports would be open on this window's 2012 server box.
Okay, so we'll do a N map.
Desh es es
All right. So this scans a couple of different TCP and UDP ports
so the dash p and then followed by the port numbers
means that that since I'm doing a sin scan and the UDP scan,
it's gonna scan these sports
of both of those types of scans.
And the reason I'm pointing that out is because in a minute I want to show you how you can specify
different TCP ports than you. DP ports
There you go. So there's the results. You can see all of the UDP port scan
and their names.
Which ones are open,
the TCP ports scanned
and their status in their names.
All right, so clear the screen. So here's where the rubber hits the road. I guess in some ways will do Ah,
scan that skins
different TCP ports
and you dp ports. So do and map
just like the other ones s U
So the syntax is t
and then a comma right afterwards.
So you see what I've done here. Here's the port. We already know that we're doing Ah, TCP Anna UDP scan
separated with a space minute Capital T colon. The number of the TCP ports I wanna scan comma you dp ports,
followed by, um,
colon and then the range. In this case, this might take a little bit of time to run, but
right and there's a results
you see the open TCP ports and the open UDP port No been filtered UDP port.
So the main point there wasjust to show you howto
how to do both at the same time and show you that the same flexibility from earlier scans applies to
when you want to do specific TCP ports and you d be boards. All right, so this is the last one, and I just want to show you the kind of the flexibility of n map.
All right, so the targets the same
both sent since can and UDP scan.
But notice that I put names of service is
numbers in there, too, So I could even modify this if I wanted Thio and
add additional TCP ports. Let's say 33 89.
Um And so the point is you can put numbers or you can put the names
all right, there's a fast scan. So
that's end of this lab. Just remember, with almost every scan that you run, you can choose the TCP and you tbe ports that are scanned and leave those that you aren't interested off. The most important part to remember is the dash P, followed by the port designation.
And the second most important part is to remember that in order to do a TCP and UDP scan,
you have to specify the type of DCP scan to run along with the Dash s Capitol. You
if you only put a Dash s Capitol you on Lee UDP scan Looker.
Thank you so much.
In this lesson, we learned about the following
first we talked about what port scanning is next. We discussed the different ports states recognized by N map.
Then we determined why we scan ports in the first place.
Then we applied that knowledge by talking about how port scanning is performed an end map and work through several examples in a lab.
Thanks so much for working through this lesson with me, and I'll talk to you again in the next one.
The network mapper (NMAP) is one of the highest quality and powerful free network utilities in the cybersecurity professional's arsenal.