I always use Nmap to scan IPs and ports but recently I was blocked off the network while I was doing a security test of infrastructure. What other tools, commands or methods could be used to scan infrastructure without risk about blocking?
Nmap uses threading and a particular way of testing that makes firewalls block you if you're too exhaustive, which is what is blocking you on the network. You should test port by port, or a little list of ports in a timeframe; you can use netcat or, if you're on Windows, PowerShell's Test-NetConnection.
For ncat it is like this:
nc -vz ip.ip.ip.ip port
You can also make a script to show open and closed ports:
for i in port1 port2; do nc -z ip.ip.ip.ip $i && echo "Port $i open" || echo "Port $i closed"; done
For PowerShell it is like this:
Test-NetConnection -Port port ip.ip.ip.ip
With Netcat you can specify a port range like this:
nc -vz ip.ip.ip.ip initialport-endport
Using ol' Asserts:
python3 -c "from fluidasserts.proto import tcp; tcp.is_port_open('fluidattacks.com', 443)"
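The same port-by-port idea as the nc loop above, written as an added Python example (not code from the thread or from the Asserts project): a single TCP connect per port with an explicit timeout and a pause between probes, so the check stays at a low rate instead of the burst a full scan produces. The demo() function and the loopback listener it creates are constructed here only so the example runs offline.

```python
import socket
import time


def check_port(host, port, timeout=2.0):
    """Single TCP connect: 'open' on success, 'closed' if refused, 'filtered' on timeout/error."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"
    except ConnectionRefusedError:
        return "closed"
    except (socket.timeout, OSError):
        return "filtered"


def check_ports(host, ports, delay=1.0, timeout=2.0):
    """Probe the given ports one at a time, sleeping `delay` seconds between probes."""
    results = {}
    for i, port in enumerate(ports):
        if i:
            time.sleep(delay)  # pace the probes so they do not look like a burst scan
        results[port] = check_port(host, port, timeout)
    return results


def demo():
    """Constructed offline demo: one listening loopback port and one port that is not listening."""
    listener = socket.socket()
    listener.bind(("127.0.0.1", 0))
    listener.listen(1)
    open_port = listener.getsockname()[1]
    # Reserve a second ephemeral port and release it so a connect to it is refused.
    spare = socket.socket()
    spare.bind(("127.0.0.1", 0))
    closed_port = spare.getsockname()[1]
    spare.close()
    try:
        return check_ports("127.0.0.1", [open_port, closed_port], delay=0.2, timeout=1.0)
    finally:
        listener.close()


if __name__ == "__main__":
    for port, state in demo().items():
        print(f"Port {port} {state}")
```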