I am looking for a tool like nmap that would help me penetrate a filter port.

Any idea in what I can use.

The ip address is inside a proxy server.

Armando Quintananieves

On Jul 5, 2012, at 2:55 AM, pentester <pentester (at) surfhier (dot) nl [email concealed]> wrote:

> I agree that nmap is a cool tool. It just ain't the right tool to do a udp scan. The reason is that it waits for a response, if no response, then it retries a couple of times. There is no need to. There are other scanners who do a better job for udp scanning. unicornscan doesn't wait for answers, it just continues scanning. When you start unicornscan, it also starts a listener. Because the listener is catches all responses, the sender doesn't have to wait for responses, like nmap does. A typical full udp port scan costs less than 4 minutes per host and open ports are found. Also if a port is reported open, you can be sure it's open and not either open or filtered.
>
> nmap has a lot of cool options that unicornscan doesn't have. But unicornscan beats nmap as it comes to udp scanning. It's just a matter of using the right tools for the job.
>
> Cor
>
>
> On Jul 4, 2012, at 11:16 PM, anonymous wrote:
>
>> On 06/29/2012 05:32 AM, pentester wrote:
>>> Reason is that nmap waits for a response, retries, waits etc. Once it decides the port is not responding it continues. There is a little smartness, because nmap tries different ports simultaneously.
>>> Another scanner solves this issue. unicornscan typically scans al 64k ports in 3 minutes and 45 seconds when you use a scan rate of 300 packets per seconds
>>>
>>> To my knowledge, unicornscan is today still the best way to do a udp scan. Possible issue is that it is available in Linux only. I have not seen working versions on Windows or Mac (although I expect in theory it should be possible to get it working on Mac).
>>>
>>> Cor
>>>
>>> On Jun 29, 2012, at 9:13 AM, a bv wrote:
>>>
>>>> Hi,
>>>>
>>>> Using mosly zenmap , udp scan takes so long mostly . I try to scan all
>>>> ports 1-65535 but also i do that at tcp scan too at the same port
>>>> range but tcp scan takes too little time according to udp. I start to
>>>> udp scan a few local hosts
>>>>
>>>> and after a day when i turn to the screen i see that it gives %40.3
>>>> etc and not completed yet (not sure if it still continues to scan).
>>>> What can be the reason and what is the best /efficient way to do a udp
>>>> scan?
>>>>
>>>>
>>>> Regards
>>>>
>>>> ------------------------------------------------------------------------

>>>> Securing Apache Web Server with thawte Digital Certificate
>>>> In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.
>>>>
>>>> http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442
f727d1
>>>> ------------------------------------------------------------------------

>>>>
>>>
>>>
>>> ------------------------------------------------------------------------

>>> Securing Apache Web Server with thawte Digital Certificate
>>> In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.
>>>
>>> http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442
f727d1
>>> ------------------------------------------------------------------------

>>>
>>
>> Well yes ofcourse Nmap UDP scans are going to take some time to scan
>> this is a well known fact. Open and filtered ports rarely send any kind
>> of response which leaves nmap to time-out and the retry transmissions
>> just in case the the probe or scan was lost. Linux in general usually is
>> very strict about sending out ICMP port unreachable messages and usually
>> limits this to 1 ICMP port unreachable message per second which is
>> another big reason why UDP scans take a very long.
>>
>> Also remember that scans like UDP or full scans where you are scanning
>> all 65,000+ ports instead of the default popular 1,000 ports which nmap
>> scans by default should be ran in the background and you can come back
>> to scans later and view or compare your results.
>>
>> There are however a few things you can do to speed up UDP scans with Nmap.
>>
>> 1. Try scanning popular UDP ports first. By using the (-F) option i
>> believe nmap will scan the most popular 100 UDP ports and this tends to
>> finish very quickly. You can do this first then go back to doing a full
>> UDP scan in the background if you need results quickly.
>>
>> 2. Try setting --version-intensity 0
>> This tells nmap to only try probes that are probably going to be the
>> most effective against the target network.
>>
>> 3. Try using --host-timeout to skip slow responding hosts.
>>
>>
>> There are other things you can do to improve the overall performance of
>> nmap but these are just some quick suggestions to get you started.
>>
>>
>> Again nmap is probably the greatest tool out there, and there are so
>> many things that you can do with it. Most people only use probably 10%
>> of nmap's potential. I would suggest getting the nmap book by fyodor, it
>> is sometimes a difficult read but it is a great book for sure.
>>
>> -nighthawk
>>
>> ------------------------------------------------------------------------

>> Securing Apache Web Server with thawte Digital Certificate
>> In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.
>>
>> http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442
f727d1
>> ------------------------------------------------------------------------

>>
>
>
> ------------------------------------------------------------------------

> Securing Apache Web Server with thawte Digital Certificate
> In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.
>
> http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442
f727d1
> ------------------------------------------------------------------------

>

------------------------------------------------------------------------

Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442
f727d1
------------------------------------------------------------------------

[ reply ]