UDP ports and port scanners

Started by May 30, 2005 09:09 PM
1 comment, last by Halo7 19 years, 8 months ago
Do UDP ports show up on port scanners?
-----------------www.stevemata.com
Only if there is an application listening to that specific port that is programmed to send a response based on the packet received to a port the scanner machine has open and is listening to. In short, general purpose UDP port scanning won't work. You have to be looking for a specific service.
From the nmap man page:

Quote:

UDP scans:
This method is used to determine which UDP (User Datagram Protocol, RFC 768) ports are open on a host. The technique is to send 0 byte udp packets to each port on the target machine. If we receive an ICMP port unreachable message, then the port is closed. Otherwise we assume it is open.

Some people think UDP scanning is pointless. I usually remind them of the recent Solaris rpcbind hole. Rpcbind can be found hiding on an undocumented UDP port somewhere above 32770. So it doesn't matter that 111 is blocked by the firewall. But can you find which of the more than 30,000 high ports it is listening on? With a UDP scanner you can! There is also the cDc Back Orifice backdoor program which hides on a configurable UDP port on Windows machines. Not to mention the many commonly vulnerable services that utilize UDP such as snmp, tftp, NFS, etc.

Unfortunately UDP scanning is sometimes painfully slow since most hosts implement a suggestion in RFC 1812 (section 4.3.2.8) of limiting the ICMP error message rate. For example, the Linux kernel (in net/ipv4/icmp.h) limits destination unreachable message generation to 80 per 4 seconds, with a 1/4 second penalty if that is exceeded. Solaris has much more strict limits (about 2 messages per second) and thus takes even longer to scan. nmap detects this rate limiting and slows down accordingly, rather than flood the network with useless packets that will be ignored by the target machine.

As is typical, Microsoft ignored the suggestion of the RFC and does not seem to do any rate limiting at all on Win95 and NT machines. Thus we can scan all 65K ports of a Windows machine very quickly. Woop!

So yes, but it might not be accurate.

-Halo7
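As an added example (not from this thread and not nmap's code), here is a small Python simulation of the ICMP rate limits the quoted man page describes. It shows how many closed ports a fast UDP scanner that treats silence as "open" would misreport on Linux, Solaris and Windows hosts, and that a scanner slowed to the host's limit gets the right answer. The sliding-window limiter model, the 1 ms and 50 ms probe intervals and the port counts are assumptions made for the simulation.

```python
"""Simulated UDP scan against a host that rate-limits ICMP port-unreachable
messages, to show why a 'no reply means open' rule misreports closed ports."""


class IcmpRateLimiter:
    """Simplified model of an RFC 1812 ICMP error limiter (assumption: a
    sliding window of `burst` messages per `window_ms`, then silence for
    `penalty_ms` once the budget is exceeded). burst=0 means no limit."""

    def __init__(self, burst, window_ms, penalty_ms):
        self.burst, self.window_ms, self.penalty_ms = burst, window_ms, penalty_ms
        self.sent = []            # send times (ms) of recent ICMP errors
        self.silenced_until = 0   # ms; no errors are generated before this

    def allow(self, now_ms):
        """True if the host would emit an ICMP port unreachable at now_ms."""
        if self.burst == 0:       # the no-limiting Win95/NT case from the quote
            return True
        if now_ms < self.silenced_until:
            return False
        self.sent = [s for s in self.sent if now_ms - s < self.window_ms]
        if len(self.sent) < self.burst:
            self.sent.append(now_ms)
            return True
        self.silenced_until = now_ms + self.penalty_ms
        return False


def linux():    # 80 per 4 s, 1/4 s penalty (figures from the quoted man page)
    return IcmpRateLimiter(80, 4000, 250)

def solaris():  # "about 2 messages per second"
    return IcmpRateLimiter(2, 1000, 0)

def windows():  # no rate limiting at all
    return IcmpRateLimiter(0, 0, 0)


def naive_udp_scan(ports, open_ports, limiter, interval_ms):
    """Probe each port `interval_ms` apart; a port with no ICMP reply is
    reported open (the rule in the quote). Returns the list reported open."""
    reported_open = []
    for i, port in enumerate(ports):
        now = i * interval_ms
        if port in open_ports:          # genuinely open: no response either way
            reported_open.append(port)
        elif not limiter.allow(now):    # closed, but the ICMP error was suppressed
            reported_open.append(port)
    return reported_open


def false_open_count(limiter, interval_ms, n_ports=1000):
    """Closed ports a scanner would wrongly report open on an all-closed host."""
    return len(naive_udp_scan(range(1, n_ports + 1), set(), limiter, interval_ms))
```

At a 1 ms probe interval the Linux model suppresses all but 80 of 1000 replies, so 920 closed ports look open; at 50 ms (20 probes per second, within the 80-per-4-seconds budget) every closed port is classified correctly.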
