Penetration Testing mailing list archives

Re: [PEN-TEST] Undetectible NMAP scans

From: Jose Nazario <jose () BIOCSERVER BIOC CWRU EDU>
Date: Fri, 25 Aug 2000 12:19:55 -0400

On Thu, 24 Aug 2000, Devdas Bhagat wrote:

Its moved to http://www.openwall.com/scanlogd .


while scanlogd can detect them, along with some other tools (scanlogd is
my personal favorite), you can't stop stealth scans, either, without a
packet filter that lets you block on the basis of arbitrary flags. ichains
doesn't have that capability, as i recall. (i use OpenBSD/ipfilter
firewalls, FWIW.)

detection is no good if all you can say is, "whoops... got nailed there."
may as well demand that you can block it, too.

jose nazario                                    jose () biochemistry cwru edu
PGP fingerprint: 89 B0 81 DA 5B FD 7E 00  99 C3 B2 CD 48 A0 07 80
Public key available at http://biocserver.cwru.edu/~jose/pgp-key.asc

Current thread:

[PEN-TEST] Undetectible NMAP scans Steve Cody (Aug 22)
- Re: [PEN-TEST] Undetectible NMAP scans Stefan Suurmeijer (Aug 23)
  - Re: [PEN-TEST] Undetectible NMAP scans Devdas Bhagat (Aug 24)
    - Re: [PEN-TEST] Undetectible NMAP scans Jose Nazario (Aug 26)
    - Re: [PEN-TEST] Undetectible NMAP scans Aj Effin ReznoR (Aug 27)
    - Re: [PEN-TEST] Undetectible NMAP scans Swen Schisler (Aug 28)
    - Re: [PEN-TEST] Undetectible NMAP scans Jan Muenther (Aug 26)
- Re: [PEN-TEST] Undetectible NMAP scans Andreas Hasenack (Aug 24)