Penetration Testing mailing list archives
Identifying active sessions on ports without sniffing
From: "Fei Hu" <fei_hu () linuxmail org>
Date: Thu, 04 Oct 2001 23:42:09 +0800
Is there a way to identify active TCP ports/sessions (otherwise seen as closed via a port scanner)? I am working pen-test where I need to identify the ports associated with an established TCP session. In this situation, data is only transmitted one direction, server -> client. It is transmitted intermittently on an as needed basis with no established patterns. The TCP session stays up even though no data is being sent, so the ports on the server and client side remain static. The application layer is a proprietary app. There is no way to use a use a sniffer. Would an active port respond back as closed slower than a truely closed port for example. Could this type of test even at all possible due to traffic load fluctuations? Any ideas? Cheers, Fei Hu -- Get your free email from www.linuxmail.org Powered by Outblaze ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
Current thread:
- Identifying active sessions on ports without sniffing Fei Hu (Oct 04)