Re: Port function and scanning
- From: "Sebastian G." <seppi@xxxxxxxxx>
- Date: Tue, 26 Jun 2007 21:06:07 +0200
Volker Birk wrote:
The port concept is used by different network protocols. A port scanner
usually is used for TCP traffic, because there is an algorithm to
determine wether there is a process "listening" on the "port" (using a
socket or an XTI connection into the kernel with this maintenance
number). Port scanners are more seldomly used for UDP, because there is
no algorithm for this case for UDP.
There is.
no reply -> open or filtered
ICMP Destination Unreachable :: Port Unreachable -> closed
UDP reply -> definitely open
ICMP by contrast has no port concept at all. And any port scanning
system, which claims to implement "ICMP port scanning", is nonsense
(like the Symantec trash).
ICMP has message codes and subcodes, which are essentially similar to ports.
Still using the term "port" is, of course, wrong.
.
- Follow-Ups:
- Re: Port function and scanning
- From: Volker Birk
- Re: Port function and scanning
- References:
- Port function and scanning
- From: NoSpam
- Re: Port function and scanning
- From: Volker Birk
- Re: Port function and scanning
- From: NoSpam
- Re: Port function and scanning
- From: Volker Birk
- Re: Port function and scanning
- From: NoSpam
- Re: Port function and scanning
- From: Volker Birk
- Port function and scanning
- Prev by Date: Re: Port function and scanning
- Next by Date: Re: Port function and scanning
- Previous by thread: Re: Port function and scanning
- Next by thread: Re: Port function and scanning
- Index(es):
Relevant Pages
|
