port scan to juniper fw
- From: "raimarm@xxxxxxxxx" <raimarm@xxxxxxxxxxxxxx>
- Date: Sun, 18 Oct 2009 14:15:25 +0200
Dear list,
I am performing a port scan against an IP address of a Juniper SSG firewall (6.2.r3).
When the port scan finishes the results show me a lot of open ports
although they are not open.
Furthermore, the results differ, and the same scan shows different open
ports the next time.
The tcpdump during the port scan shows me that the fw is answering
with a syn-ack after the third syn.
Why is this happening? I would expect no answer or an RST packet.
I would be very happy if somebody could explain this strange
behaviour to me and let me know how I can fix it.
Maybe there is an option on the fw to switch this off.
This is the nmap scan command:
nmap -sS -P0 <fw-untrust-ip>
Many Thanks
rm