Using Nmap for UDP Ports

Installed nmap (normal version-without scripting and ssl support) and I'm using luci-app-commands to use commands.

TCP ports scanning is ok. But the scan is too fast, scanning all 65535 TCP ports in 14 secs. I don't know if it's normal.

When I try to scan 1000 UDP ports with (nmap -sU -p1-1000 I get: "Error: Failed to execute command!"

It works for lesser number of ports like 10-20 ports.

What could be the reason?

My memory:

I highly doubt you scanned all 65535 ports in 14sec, that takes a loooong time (like hours or days). It sounds more like you by chance actually run some of the buildt in standard ports scan with a very narrow port list.


There are different scans also! You could just ping the ports to see if they exist and that would probably be fast.

You should get a result report of the scan that say what it did do?

What do you want to see/measure with NMAP?

At first glance NMAP looks nice but if you actually read the manual for NMAP the measuring faults and pitfalls is a never ending story in a network and the false readings/results are never ending just by the way a network hardware is built and operated.

Kali Linux doesn’t even have nmap any longer.

To evaluate a unix firewall it seems more quality assured to look at the different firewall status reports in the device you are looking at instead of running NMAP.

No. Why would it take that long? You only have to send 64k SYN packages and wait for the answers. When the packages for closed ports are dropped, you'll have to wait for a timeout, but that can happen in parallel. Else you can be done within a second, on a gigabit line. Maybe you'll have to slow it down to prevents DOSsing your own TCP stack or the remote ones. I just did an nmap on all ports of my server (over 100Mbit) and it took 4.55 seconds.

1 Like