UDP scanning with Nmap
Nmap has an option that can be used to perform UDP scans on remote systems. The Nmap approach to UDP scanning is more complex and attempts to identify live services by injecting service-specific probe requests in an effort to solicit a positive response that confirms the existence of a given service. This recipe demonstrates how we can use Nmap UDP scanning to scan single ports, multiple ports, and even multiple systems.
Getting ready
To use Nmap to perform a UDP scan, you will need to have a remote system that is running network services over UDP. In the examples provided, an instance of Metasploitable2 is used to perform this task. For more information on how to set up Metasploitable2, refer to Chapter 1, Getting Started.
How to do it…
UDP scanning can often be challenging, time consuming, and tedious. Many systems will rate limit ICMP host-unreachable replies and can drastically increase the amount of time required to scan a large number of ports and/or systems...