Re: Idle (Witness) Scanning
From: Filipe Jorge Marques de Almeida (filipe@rnl.ist.utl.pt)Date: 05/03/02
- Previous message: Edwards, David (JTS): "Multifunction devices"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 3 May 2002 03:16:48 +0100 From: Filipe Jorge Marques de Almeida <filipe@rnl.ist.utl.pt> To: Evrim ULU <evrim@envy.com.tr>, pen-test@securityfocus.com
On Sat, Apr 27, 2002 at 11:52:54AM +0300, Evrim ULU wrote:
> So, is there a way to identify open and close(filtered) ports inside
> nat? or w2k assigns different id numbers for different ether interfaces?
Yes there is, but not by using SYN scanning because there will always be a
reply to the SYN (either SYN/ACK or RST).
Try sending FIN's istead of SYN's to the host. If the port is closed the id
should increment by 512, and by 256 if it's open.
-- Filipe Almeida aka LiquidK---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
- Previous message: Edwards, David (JTS): "Multifunction devices"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
