Results 1 to 4 of 4

Thread: nmap -PS -PA -PU flags

  1. #1
    Junior Member imported_seven's Avatar
    Join Date
    May 2007
    Posts
    97

    Default nmap -PS -PA -PU flags

    Hello!
    I have a question. I bought fyodor's book for NMAP and it's been great! I am really learning the internals and best practices. But one thing i'm confused with is the host discovery flags PS PA PU. Syntax should be P[A/S/U]<port list>
    Essentially, it should be probing for hosts sending either SYN,ACK or UDP probes to the ports suggested. However, when I use it, I detects hosts that are up but on ports I didn't specify.
    E.G. @my house
    nmap -PS80,21,25 -PA80,21,25 -PU53 192.168.1.0/24 -v
    will yield results for my http server,ftp,dns but also scan ports up to 4444 and higher.
    Any reason this is happening? Am I using the flag wrong?

    Thank you.
    Lying is my life.

  2. #2
    Member
    Join Date
    Jan 2010
    Location
    The new forums
    Posts
    462

    Default

    Try separating the ports with -p.

    ex: nmap 192.168.1.1 -PS -p 21,25,80 -v

  3. #3
    My life is this forum thorin's Avatar
    Join Date
    Jan 2010
    Posts
    2,629

    Default

    You're doing it the right way. The thing is the scan isn't limited by those probes/ports. After doing PS/PA/PU it still does the normal run of the default popular 1000 (or 1287) ports. If you don't want nmap to do that then you have to limit the ports to scan with the -p as Lincoln suggested.
    I'm a compulsive post editor, you might wanna wait until my post has been online for 5-10 mins before quoting it as it will likely change.

    I know I seem harsh in some of my replies. SORRY! But if you're doing something illegal or posting something that seems to be obvious BS I'm going to call you on it.

  4. #4
    Just burned his ISO
    Join Date
    Jan 2009
    Posts
    3

    Default

    The best choice is to use those discovery flags with -sP parameter, so it won't start SYN scan on active systems.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •