Re: pinging a udp port

From: James Ventre (messageboard@ventrefamily.com)
Date: Sun Nov 13 2005 - 14:14:13 GMT-3


Use something like nmap. The downside is that it will rely on ICMP port
unreachable, and if it's a router you're polling, it may be rate limited.

http://www.auditmypc.com/freescan/readingroom/port_scanning.asp

    UDP Scanning

Port scanning usually means scanning for TCP ports, which are
connection-oriented and therefore give good feedback to the attacker.
UDP responds in a different manner. In order to find UDP ports, the
attacker generally sends empty UDP datagrams. If the port is listening,
the service should send back an error message or ignore the incoming
datagram. If the port is closed, then most operating systems send back
an "ICMP Port Unreachable" message. Thus, you can find out if a port is
NOT open, and by exclusion determine which ports are open. Neither UDP
packets, nor the ICMP errors are guaranteed to arrive, so UDP scanners
of this sort must also implement retransmission of packets that appear
to be lost (or you will get a bunch of false positives). Also, this
scanning technique is slow because of compensation for machines that
implement the suggestions of RFC 1812 and limit ICMP error message rate.
For example, a kernel may limit destination unreachable message
generation to 80 per 4 seconds, with a 1/4 second penalty if that is
exceeded.

Some people think UDP scanning is pointless - not so. Sometimes, for
example, Rpcbind can be found hiding on an undocumented UDP port
somewhere above 32770. So it doesn't matter that port 111 is blocked by
the firewall. But can you find which of the more than 30,000 high ports
it is listening on? With a UDP scanner you can.

James

Chacko, Raj wrote:
> Hi, Is there a way to ping a udp port or send some kind of traffic to a udp
> port?
>
> Thanks,
>
> Raj
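An added illustration of the mechanism discussed in this message (not part of the original post or of the quoted article): a single-port UDP check in Python that retransmits with a growing timeout and treats an ICMP port unreachable as "closed". The function name `probe_udp`, its parameters and the loopback demo are assumptions made for this example.

```python
import socket

def probe_udp(host, port, payload=b"", retries=3, timeout=1.0):
    """Classify one UDP port as 'open', 'closed' or 'open|filtered'.

    closed        -> the kernel reported an ICMP port unreachable
    open          -> a UDP reply came back
    open|filtered -> silence after every retry (listening but quiet,
                     filtered, or the ICMP error was rate limited or lost)
    """
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        # connect() the UDP socket so the kernel hands ICMP errors for this
        # flow back to us as an exception on a later send()/recv().
        s.connect((host, port))
        for attempt in range(retries):
            # Back off on each retry: a device that rate limits ICMP errors
            # may need more time before it answers again.
            s.settimeout(timeout * (2 ** attempt))
            try:
                s.send(payload)
                s.recv(2048)
                return "open"
            except (ConnectionRefusedError, ConnectionResetError):
                # ECONNREFUSED on Linux/BSD, WSAECONNRESET on Windows
                return "closed"
            except socket.timeout:
                continue  # the datagram or its answer may have been lost
    return "open|filtered"

if __name__ == "__main__":
    # Constructed demo on loopback only: a bound socket that never replies,
    # then the same port again after the socket has been closed.
    quiet = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    quiet.bind(("127.0.0.1", 0))
    port = quiet.getsockname()[1]
    print(port, probe_udp("127.0.0.1", port, retries=2, timeout=0.3))
    quiet.close()
    print(port, probe_udp("127.0.0.1", port, retries=2, timeout=0.3))
```

Silence is reported as "open|filtered" rather than "open" because, as the quoted text notes, a lost or rate-limited ICMP error looks the same as a listening service that ignores the datagram.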


