I always use Nmap to scan IPs and ports, but recently I was blocked off the network while I was doing a security test of infrastructure. What other tools, commands or methods could be used to scan infrastructure without the risk of being blocked?
Nmap uses threading and a particular way of testing that makes firewalls block you if you're too exhaustive. You should test port by port, or a small list of ports within a timeframe; you can use netcat or, if you're on Windows, PowerShell's Test-NetConnection.
For ncat it is like this:
nc -vz ip.ip.ip.ip port
You can also make a script to show open and closed ports:
for i in port1 port2; do nc -z ip.ip.ip.ip $i && echo "Port $i open" || echo "Port $i closed"; done
For PowerShell it is like this:
Test-NetConnection -Port port ip.ip.ip.ip
With netcat you can specify a port range like this:
nc -vz ip.ip.ip.ip initialport-endport
Using ol' Asserts:
python3 -c "from fluidasserts.proto import tcp; tcp.is_port_open('fluidattacks.com', 443)"
netstat -nlt | grep '^tcp' | grep -Eo ':[0-9]+ ' | tr -d ': ' | sort -un | xargs -I {} sh -c "echo '' | nc -v -n -w1 127.0.0.1 {}"
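A slower equivalent of the nc loop and the is_port_open check above, written as an added example rather than taken from the answer: it probes one port at a time with a pause between probes and, unlike nc -z, separates a refused connection (nothing listening) from a probe that got no answer at all (usually a firewall dropping it, the situation the question describes). The listener on 127.0.0.1 is a constructed sample target; host, ports and delay values are assumptions.

```python
import errno
import socket
import time


def probe_port(host, port, timeout=2.0):
    """Return 'open', 'closed' (connection refused, nothing listening) or
    'filtered' (no answer within the timeout, typically a firewall drop)."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"
    except socket.timeout:
        return "filtered"
    except ConnectionRefusedError:
        return "closed"
    except OSError as exc:
        # Unreachable host/network: the probe was dropped somewhere on the path.
        if exc.errno in (errno.EHOSTUNREACH, errno.ENETUNREACH):
            return "filtered"
        raise


def check_ports(host, ports, delay=1.0, timeout=2.0):
    """Probe each port in turn, sleeping `delay` seconds between probes as the
    answer advises, instead of opening many connections at once.
    Returns {port: state}."""
    results = {}
    for i, port in enumerate(ports):
        if i:
            time.sleep(delay)
        results[port] = probe_port(host, port, timeout)
    return results


def local_listener():
    """Constructed sample target: a throwaway TCP listener on 127.0.0.1."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)
    return srv, srv.getsockname()[1]


if __name__ == "__main__":
    srv, port = local_listener()
    # The listener's port reports 'open'; once it is closed, 'closed'.
    print(check_ports("127.0.0.1", [port], delay=0.5))
    srv.close()
    print(check_ports("127.0.0.1", [port], delay=0.5))
```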