Re: Data Interpretation



On 2009-03-19 David Gillett wrote:
>> I have to disagree. What you actually want in a situation like that
>> is the firewall to respond with a RST.
>
> I'm aware of arguments for and against sending an RST; I considered
> them beyond the scope of the present question. But certainly if these
> services were merely unsupported and not actively hostile, sending an
> RST would be the correct and polite thing to do.
> And that would tell nmap that the port was actively being
> blocked....

Huh? Unless I'm missing something, sending an RST would emulate the
exact same behavior that a "bare" TCP/IP stack has. Silently dropping
packets is a much stronger indicator that a port is actively being
blocked.

Regards
Ansgar Wiechers
--
"The Mac OS X kernel should never panic because, when it does, it
seriously inconveniences the user."
--http://developer.apple.com/technotes/tn2004/tn2118.html
