How to configure the TCP/UDP Port Scanners

Knowing which network services are exposed to the Internet is essential for securing the network perimeter of a company. Also, private networks must be monitored and secured, in case a malicious attacker gains initial access to the internal infrastructure. Let the TCP Port Scanner / UDP Port Scanner do that for you!
Written by Engineering Team
Updated 6 months ago

In this article, we explain all the features and options available to help you discover ports and services in your network.

With a Nmap portscan, you can easily get a quick view of the network attack surface that includes all open TCP/UDP ports and services.

Quick note:
In this article, we will present the configuration only for the TCP Port Scanner. The UDP Port Scanner has an almost identical configuration. 

Remember that the UDP Port Scanner is not suitable for performing traceroute because of the potential delivery issues of UDP traffic. While traceroute is capable of using both
ICMP and UDP packets to trace routes, UDP is designed to carry data, not to perform network management functions. As a consequence, it’s more likely to be blocked by firewalls along the route, making it less reliable than the ICMP-based traceroute from the TCP Port Scanner.

Light Scan

This option provides a brief overview of the system. It scans for the top 100 TCP/UDP ports (depending on the selected tool).

Configuration

Ports to scan: Top 100 used by Nmap.

Protocol type: TCP / UDP

Scan options:

 Check if the host is alive before scanning - enabled

Deep Scan

This is the default option that’s checked when you try to start a scan. It scans for the top 5000 TCP ports/top 1000 UDP ports (depending on the tool) and performs OS detection, service version detection, and traceroute (only for the TCP scan).

Configuration

Ports to scan

Protocol type: TCP / UDP

Scan options:

Check if the host is alive before scanning - enabled

We recommend you don’t change the default scan settings. However, if you have specific requirements or need to exclude several ports from the scan, you can configure these settings with a Custom Scan.

Custom Scan

This part of the interface enables you to configure the scanner to:

  • select which ports you want to scan
  • select which scan options you want to enable:
    • check if the host is alive before scanning
    • detect service version
    • detect operating system
    • do traceroute (only for the TCP Port Scanner)

Notes

  • A scan option called theCheck alive mechanismenables host discovery to check if the target is alive before scanning it. This option is enabled by default.
  • You can overwrite the default maximum time (in minutes) the scanner is allowed to run. The default value is 1440 minutes (24 hours) and it ensures the best scan coverage.
  • ⚠️  When using scheduled scans with Deep or Custom scan options, newly added features are not enabled by default. You need to reconfigure your scan parameters if you want to scan using the new features we keep adding.

Notifications

You can configure the TCP Port Scanner / UDP Port Scanner to send you notifications when your scan matches certain conditions (e.g. scan is Finished, the open port is 3389, the protocol is SSH, etc.).

You can find more details about notifications in our dedicated support article.

Did this answer your question?