Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Raptor firewall and ipid

From: Paul Johnston <paul () westpoint ltd uk>
Date: Mon, 08 Dec 2003 11:15:33 +0000
Hi,
Just found out that Raptor firewall has a clever fix for the incremental ipid problem... For RST packets, the ipid is always 1. Otherwise it is normal and incremental. This small change completely scuppers idle scan.
Maybe it would be possible to use this characteristic to help with os fingerprinting? 

Paul

--
Paul Johnston
Internet Security Specialist
Westpoint Limited
Albion Wharf, 19 Albion Street,
Manchester, M1 5LN
England
Tel: +44 (0)161 237 1028
Fax: +44 (0)161 237 1031
email: paul () westpoint ltd uk
web: www.westpoint.ltd.uk



---------------------------------------------------------------------
For help using this (nmap-dev) mailing list, send a blank email to nmap-dev-help () insecure org . List archive: http://seclists.org
Previous By Date Next
Previous By Thread Next

Current thread: