Fyodor has made a major improvement to UDP scanning in the latest release of nmap. Rather than regurgitate the entire write up by Rob Vanderbrink on the Internet Storm Center, found here, let me summarize by saying Fyodor has changed nmap's operation for certain UDP services. nmap will now actually connect to that service and therefore verify the port is open, and that the service is actually running. If you don't know why this was an issue in the past (and still is for any services not included in the new nmap), read Rob's diary entry. He does a great job of simplifying the explanation.
As always. the latest version of nmap can be found at Fyodor's site found here.
Information, tools and how-to's for the new intrusion analyst. Mentoring by blogging.
No comments:
Post a Comment