Port & Service Discovery
How to find open ports and services on an internal network.
NMAP
Nmap remains the best method for finding open ports and services.
Quick Discovery Scan
This scan only probes common TCP/UDP ports and uses a faster ping scan method (-sn), so it identifies live hosts without running a full port scan.
nmap -sn -T4 -PE -PM -PP -PU53,69,161,500,514,520,1434 -PA21,22,23,25,53,80,443,513,8080,3389 -PS21,22,23,25,53,80,443,513,8080,3389 -n -r -vv -oA discovery -iL ipfile.txt
Longer Full Scan
This scan performs a thorough assessment and attempts to find every open TCP port (-p- with a TCP connect scan, -sT).
nmap -sT -n -Pn -p- -T3 --randomize-hosts --min-hostgroup 96 --max-retries 3 --min-parallelism 64 --max-scan-delay=5s --open -oA Full-TCP-Scan -iL ip-list.txt -vvv
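Both commands write grepable output through -oA (discovery.gnmap and Full-TCP-Scan.gnmap). The Python below is an added example, not part of the original page: it pulls the live hosts out of the discovery results so they can feed the full scan's -iL list, and summarizes open ports per host. The sample data, addresses and function names are constructed for illustration.

```python
import re

# Constructed samples in Nmap grepable (.gnmap) format; not real scan data.
SAMPLE_DISCOVERY = (
    "# Nmap scan initiated (constructed sample)\n"
    "Host: 192.0.2.5 ()\tStatus: Up\n"
    "Host: 192.0.2.9 ()\tStatus: Down\n"
    "Host: 192.0.2.12 (app01.example)\tStatus: Up\n"
)
SAMPLE_FULL = (
    "Host: 192.0.2.5 ()\tStatus: Up\n"
    "Host: 192.0.2.5 ()\tPorts: 445/open/tcp//microsoft-ds///, "
    "22/open/tcp//ssh///, 8080/closed/tcp//http-proxy///\t"
    "Ignored State: filtered (65532)\n"
    "Host: 192.0.2.12 (app01.example)\tPorts: 80/open/tcp//http///\n"
)

# "Host: <ip> (<hostname>)" followed by tab-separated fields.
HOST_RE = re.compile(r"^Host: (\S+) \(.*?\)\t(.*)$")


def live_hosts(gnmap_text):
    """Return addresses reported as 'Status: Up', in order, without duplicates."""
    hosts = []
    for line in gnmap_text.splitlines():
        m = HOST_RE.match(line)
        if m and "Status: Up" in m.group(2) and m.group(1) not in hosts:
            hosts.append(m.group(1))
    return hosts


def open_ports(gnmap_text):
    """Map each host to a sorted list of (port, protocol, service) in state 'open'."""
    result = {}
    for line in gnmap_text.splitlines():
        m = HOST_RE.match(line)
        if not m:
            continue
        for field in m.group(2).split("\t"):
            if not field.startswith("Ports: "):
                continue
            # Each entry is port/state/protocol/owner/service/rpcinfo/version/
            for entry in field[len("Ports: "):].split(", "):
                parts = entry.strip().split("/")
                if len(parts) >= 5 and parts[1] == "open":
                    result.setdefault(m.group(1), []).append(
                        (int(parts[0]), parts[2], parts[4]))
    return {host: sorted(ports) for host, ports in result.items()}


if __name__ == "__main__":
    print("\n".join(live_hosts(SAMPLE_DISCOVERY)))  # contents for ip-list.txt
    for host, ports in open_ports(SAMPLE_FULL).items():
        print(host, ", ".join(f"{p}/{proto} {svc}" for p, proto, svc in ports))
```

To use it on real results, read discovery.gnmap or Full-TCP-Scan.gnmap from disk and pass the text to the same functions.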