1

After reading this post here, from security.stackexchange, I was wondering what is the best way to scan all ports of a single machine using TCP scan only.

"nmap -sT -p 1-65535 localhost" is what I would try naturally but, I suppose, there is a better solution.

Also, I think that TCP scan is faster than UDP scan. In his reply the OP from that link wrote that he reached 12k ports in less than 3 secs using UDP scan on nmap but with no accuracy. Is it really possible to get the same results using TCP scan (12k ports in 3 secs or less) while being certain that all ports were scanned? (using a tool like Nmap or not)

Doe Joe
  • TCP scan doesn't find UDP ports, so if your goal is to find UDP ports (like that OP) the fact TCP scan is faster is totally useless and irrelevant. – dave_thompson_085 Sep 22 '17 at 07:52

1 Answer

2

The best reference for that would be Nmap's documentation https://nmap.org/book/man-port-scanning-techniques.html - here it clearly states that SYN is faster than CONNECT so the default of -sS should be faster than -sT. It also says that TCP scans are faster than UDP scans because of various issues such as message types, rate limiting, firewalls and others. What the OP says is possible; however, depending on system configuration, the results probably lack accuracy (although it might be doable in a fast network without any firewalls slowing down the business).

AdrianH
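The accuracy concern discussed above, as an added example that is not part of the original answer: a TCP connect probe (the `-sT` style, a full handshake per port) in Python for auditing your own host, which records one verdict for every requested port and fails loudly if any port was never probed. The function names, the `127.0.0.1` default, the timeout and the concurrency value are assumptions chosen for illustration.

```python
import asyncio
import socket
import time

VERDICTS = {"open", "closed", "filtered"}

async def probe(host, port, timeout, sem, results):
    """Full TCP handshake to one port; always records exactly one verdict."""
    async with sem:  # bound parallelism so the scan stays under the fd limit
        try:
            _, writer = await asyncio.wait_for(
                asyncio.open_connection(host, port, family=socket.AF_INET), timeout)
            writer.close()
            results[port] = "open"       # handshake completed
        except (asyncio.TimeoutError, TimeoutError):
            results[port] = "filtered"   # no reply in time: dropped or rate limited
        except OSError:
            results[port] = "closed"     # connection refused (RST) or other socket error

async def _scan(host, ports, timeout, concurrency):
    sem = asyncio.Semaphore(concurrency)
    results = {}
    await asyncio.gather(*(probe(host, p, timeout, sem, results) for p in ports))
    return results

def connect_scan(host="127.0.0.1", ports=range(1, 65536), timeout=1.0, concurrency=500):
    """Return {port: verdict}; raise if any requested port has no verdict."""
    ports = list(ports)
    results = asyncio.run(_scan(host, ports, timeout, concurrency))
    missing = set(ports) - results.keys()
    if missing:
        raise RuntimeError(f"{len(missing)} ports were never probed")
    return results

if __name__ == "__main__":
    start = time.perf_counter()
    res = connect_scan()
    elapsed = time.perf_counter() - start
    open_ports = sorted(p for p, v in res.items() if v == "open")
    filtered = sum(1 for v in res.values() if v == "filtered")
    print(f"{len(res)} ports probed in {elapsed:.1f}s, {filtered} without a reply")
    print("open:", open_ports)
```

A high count of `filtered` verdicts means the timeout or the concurrency was too aggressive for the path, which is the speed-versus-accuracy trade-off the answer describes.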