Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

RE: an error in the NMAP docs?

From: "Michael Herz" <mherz () uwaterloo ca>
Date: Thu, 7 Apr 2005 10:12:56 -0400



-----Original Message-----
From: David Gillett 


-----Original Message-----
From: Michael Herz

If you create with a machine that is protected both inbound
and outbound by deny all rules and then add a packet filter 
rule to allow the machine to act as a DNS server (inbound port 
53). If you then scan this machine now by using the 
"--source_port 53" option, scans won't get through and no other
services will be exposed.


  Correct but irrelevant.  The NMAP docs refer to a possible way 
to get to DNS *clients*, not DNS servers.



And exactly my point. --source_port can exploit DNS client configurations. I
think the NMAP doc "describes" exploiting a DNS server configuration. Proper
server service configurations can't be exploited by using --source_port.
This is all I'm trying to say :-)


---------------------------------------------------------------------------
Earn your MS in Information Security ONLINE
Organizations worldwide are in need of highly qualified information security
professionals.  Norwich University is fulfilling this demand with its MS in
Information Security offered online.  Recognized by the NSA as an
academically excellent program, NU offers you the opportunity to earn your
degree without disrupting your home or work life.

http://www.msia.norwich.edu/secfocus_en
----------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: