Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

ICF scan

From: isa vaul <nonleft () gmx net>
Date: Tue, 29 Jul 2003 10:41:32 +0200
Hi list,
This might not be the right place for it, but I thought maybe some of you guys had an explanation for the following. I was playing around with my XP box and scanned myself with the ICF in place and without. 

ICF-scan:

* + 127.0.0.1
            |___   135  DCE endpoint resolution
            |___   389  Lightweight Directory Access Protocol
            |___  1720  h323hostcall
            |___  3001  Redwood Broker
            |___  3002  EXLM Agent

without:

* + 127.0.0.1
            |___   135  DCE endpoint resolution
So as I understand the functionality of ICF (default adjustments) it should prevent every connection towards my computer unless the connection has been established by a process on my side (ACK, SYN/ACK). But why there are more open ports with ICF than without? 

Thanks for any suggestions in advance.

Kind Regards
Nonleft

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: