Re: Port function and scanning

Sebastian G. <seppi@xxxxxxxxx> wrote:
Volker Birk wrote:
The port concept is used by different network protocols. A port scanner
usually is used for TCP traffic, because there is an algorithm to
determine wether there is a process "listening" on the "port" (using a
socket or an XTI connection into the kernel with this maintenance
number). Port scanners are more seldomly used for UDP, because there is
no algorithm for this case for UDP.
There is.
no reply -> open or filtered

Wrong. No reply: open or closed.

From RC 792:
| The Internet Protocol is not designed to be absolutely reliable. The
| purpose of these control messages is to provide feedback about
| problems in the communication environment, not to make IP reliable.
| There are still no guarantees that a datagram will be delivered or a
| control message will be returned.

ICMP has message codes and subcodes, which are essentially similar to ports.

No, they aren't. ICMP is a messaging protocol using IP packets, and the
message codes have nothing to do with a port concept.

"Es muss darauf geachtet werden, dass das Grundgesetz nicht mit Methoden
geschützt wird, die seinem Ziel und seinem Geist zuwider sind."

Gustav Heinemann, "Freimütige Kritik und demokratischer Rechtsstaat"