By default, Nmap scans the top 1000 most popular ports, according to the statistics generated from Internet-wide scans and large internal network scans from the summer of 2008. There are a few options that change this: -F reduces the number to 100, -p allows you to specify which ports to scan, and --top-ports lets you specify how many of the most popular ports to scan. This means that the default scan is equivalent to --top-ports 1000, and -F is the same as --top-ports 100.
These numbers were set in version 4.75, and were a change from the roughly 1700 (TCP) ports that were the default in version 4.68. The purpose was to decrease scanning times while still giving reasonable results. The flexibility of Nmap's command-line options guarantees that you can still scan just about any combination of ports that you want, regardless of the defaults.
Scanning all 65536 TCP ports is still possible with -p0-, but it will take a very long time. Scanning all UDP ports with -sU -p0- will take even longer, because of the way that open ports are detected.
The number of ports scanned is also scan type dependent. You can scan all TCP ports, all UDP ports or all TCP and UDP ports together.
What you used -p 0-65535 will work depending on the scan type. You can abbreviate that using -p- as the colleague said above.
But that will scan all the ports depending on the type of scan you tell it to do.
For example, if you want to scan all TCP ports, then you need a TCP scan, whether with a full handshake or a stealthy TCP scan(SYN, ACK, FIN, NULL, XMAS) so your scan (here I'm doing a TCP SYN scan)would be
nmap -sS -p- TARGET_IP_ADDRESS_OR_IP_RANGE
If your scan was UDP only then you must start a UDP scan such as
nmap -sU -p- TARGET_IP_ADDRESS_OR_IP_RANGE
Now if you want to scan all, TCP and UDP ports in one go you can also do
But be aware that scanning all UDP ports will take a very long time, so if you want to make the scan faster make sure you decrease your probes and increase your time, you can choose -T5 for example.
By the way to scan select TCP and UDP ports you can do
By default, Nmap scans the top 1000 most popular ports, according to the statistics generated from Internet-wide scans and large internal network scans from the summer of 2008. There are a few options that change this:
-F
reduces the number to 100,-p
allows you to specify which ports to scan, and--top-ports
lets you specify how many of the most popular ports to scan. This means that the default scan is equivalent to--top-ports 1000
, and-F
is the same as--top-ports 100
.These numbers were set in version 4.75, and were a change from the roughly 1700 (TCP) ports that were the default in version 4.68. The purpose was to decrease scanning times while still giving reasonable results. The flexibility of Nmap's command-line options guarantees that you can still scan just about any combination of ports that you want, regardless of the defaults.
Scanning all 65536 TCP ports is still possible with
-p0-
, but it will take a very long time. Scanning all UDP ports with-sU -p0-
will take even longer, because of the way that open ports are detected.Well if you don't want to put the port range you can always just give the
argument, which will scan, by default, all the ports, except port 0. For port 0, you have to explicitly specify it.
The number of ports scanned is also scan type dependent. You can scan all TCP ports, all UDP ports or all TCP and UDP ports together. What you used -p 0-65535 will work depending on the scan type. You can abbreviate that using -p- as the colleague said above.
But that will scan all the ports depending on the type of scan you tell it to do. For example, if you want to scan all TCP ports, then you need a TCP scan, whether with a full handshake or a stealthy TCP scan(SYN, ACK, FIN, NULL, XMAS) so your scan (here I'm doing a TCP SYN scan)would be
If your scan was UDP only then you must start a UDP scan such as
Now if you want to scan all, TCP and UDP ports in one go you can also do
-pT:0-65535,U:0-65535
Therefore the scan could be
or
But be aware that scanning all UDP ports will take a very long time, so if you want to make the scan faster make sure you decrease your probes and increase your time, you can choose -T5 for example. By the way to scan select TCP and UDP ports you can do
This time I chose to do a TCP ACK stealth scan -sA besides the UDP scan.