Discovering UDP services

UDP services are often ignored during penetration tests, but good penetration testers know that they frequently reveal important host information and can even be vulnerable and used to compromise a host.

This recipe shows how to use Nmap to list all open UDP ports on a host.

How to do it...

Open your terminal and type:

#nmap -sU -p- <target>

The output follows Nmap's standard format:

# nmap -sU -F scanme.nmap.org

Nmap scan report for scanme.nmap.org (74.207.244.221)
Host is up (0.100s latency).
Not shown: 98 closed ports
PORT    STATE         SERVICE
68/udp  open|filtered dhcpc
123/udp open          ntp

How it works...

The argument -sU tells Nmap to launch a UDP scan against the target host. Nmap sends UDP probes to the selected ports and analyzes ...

Get Nmap 6: Network Exploration and Security Auditing Cookbook now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Nmap 6: Network Exploration and Security Auditing Cookbook by Paulino Calderon Pale

Discovering UDP services

How to do it...

How it works...

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly