A user diagram protocol (UDP) scan checks for any UDP ports that are deployed on a target. Conversely, the regular scan only scans the TCP ports. UDP scans are normally slower and more difficult than TCP scans.
nmap -sU <target>
-sU option is used to perform a UDP scan on a
<target>. It can be combined with any TCP scan type. For example, a stealth (SYN) scan (
-sS) checks for UDP and TCP ports in the same run.
The following example runs a UDP scan on the site scanme.nmap.org:
nmap -sU scanme.nmap.org
Note: This is a site explicitly set up for testing Nmap. Scans should only be performed on domains with explicit permissions given to the user.
This results in the following output:
Starting Nmap 7.93 ( https://nmap.org ) at 2022-12-15 09:20 CETStats: 0:07:20 elapsed; 0 hosts completed (1 up), 1 undergoing UDP ScanUDP Scan Timing: About 45.33% done; ETC: 09:36 (0:08:49 remaining)Nmap scan report for scanme.nmap.org (184.108.40.206)Host is up (0.21s latency).Other addresses for scanme.nmap.org (not scanned): 2600:3c01::f03c:91ff:fe18:bb2fNot shown: 991 closed udp ports (port-unreach)PORT STATE SERVICE68/udp open|filtered dhcpc123/udp open ntp407/udp open|filtered timbuktu17487/udp open|filtered unknown20164/udp open|filtered unknown49180/udp open|filtered unknown49186/udp open|filtered unknown49198/udp open|filtered unknown50497/udp open|filtered unknownNmap done: 1 IP address (1 host up) scanned in 1073.60 seconds