Jul 08

quote from http://www.linuxquestions.org/questions/linux-security-4/telneting-to-a-udp-port-353876/

UDP is a connectionless protocol which means it basically just sends packets out to the specified destination. TCP is connection-oriented which means it establishes a connection to the other end using the ‘3-way handshake’.

So it makes sense to apply the ‘telnet’ paradigm to TCP – you make connection to a specific host and port, you still remain connected (for a period of time) even if you aren’t sending any data and you can send and receive data continuously without having to reconnect in between.

UDP on the other hand doesn’t really fit the telnet model – its more of a fire-and-forget system where you fire-off a series of packets towards the destination. You then go on with something else (or just wait doing nothing) until (or if) the remote process sends some packets back.

That is why we can’t use telnet to test udp port, in this tutorial i will try to use nmap, you need to install nmap first. Here is the command

# nmap -p [port] -sU -P0 [host name | ip address]
# nmap -p 5060 -sU -P0 example.com
# nmap -p 5060 -sU -P0 21.12.32.123

From the command shown above, I am assuming that the host example.com(21.12.32.123) is currently serving asterisk sip service on UDP port 5060.

Sample opened UDP port output:

# nmap -p 5060 -sU -P0 21.12.32.123

Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2010-07-07 22:26 MSD
Interesting ports on 21.12.32.123:
PORT     STATE         SERVICE
5060/udp open|filtered sip

Nmap finished: 1 IP address (1 host up) scanned in 2.021 seconds

If you have a closed UDP port, you should be seeing similar lines as shown

Interesting ports on localhost (127.0.0.1):
PORT STATE SERVICE
123/udp closed ntp