Security Basics mailing list archives

Re[2]: how nmap can know my firewalled servers ?

From: Thierry Zoller <Thierry () Zoller lu>
Date: Fri, 14 Apr 2006 10:58:42 +0200

Dear Arturas Zalenekas,

AZ> How does TCP protocol work !? How should it replay, e.g. to a closed port
AZ> !? With ICMP packet !?
Lots of Packetfilters answer with ICMP Administravtively Prohibited,
sometimes also leaking their internal IP address by the way..  It is a
common way to respond every IP stack I know about will understand that
message.

AZ> No, it has to answer with an RST.
Answering with ICMP is fine, possible and in the wild.

-- 
http://secdev.zoller.lu
Thierry Zoller
Fingerprint : 5D84 BFDC CD36 A951 2C45  2E57 28B3 75DD 0AC6 F1C7


-------------------------------------------------------------------------
This List Sponsored by: Webroot

Don't leave your confidential company and customer records un-protected. 
Try Webroot's Spy Sweeper Enterprise(TM) for 30 days for FREE with no 
obligation. See why so many companies trust Spy Sweeper Enterprise to 
eradicate spyware from their networks.
FREE 30-Day Trial of Spy Sweeper Enterprise

http://www.webroot.com/forms/enterprise_lead.php
--------------------------------------------------------------------------

Current thread:

Re: how nmap can know my firewalled servers ?, (continued)
- - Re: how nmap can know my firewalled servers ? Harrison Holland (Apr 12)
- Re: how nmap can know my firewalled servers ? Nathaniel Hall (Apr 12)
  - Re: how nmap can know my firewalled servers ? Alice Bryson (Apr 13)
    - Re: how nmap can know my firewalled servers ? Arturas Zalenekas (Apr 13)
    - Re: how nmap can know my firewalled servers ? Gregory Boyce (Apr 17)
    - Re: how nmap can know my firewalled servers ? Arturas Zalenekas (Apr 17)
    - Re: how nmap can know my firewalled servers ? Gregory Boyce (Apr 13)
  - Re: how nmap can know my firewalled servers ? Alexey Eremenko (Apr 13)
    - Re: how nmap can know my firewalled servers ? manu (Apr 13)
    - Re: how nmap can know my firewalled servers ? Arturas Zalenekas (Apr 13)
    - Re[2]: how nmap can know my firewalled servers ? Thierry Zoller (Apr 17)
    - Re: Re[2]: how nmap can know my firewalled servers ? Arturas Zalenekas (Apr 17)
    - Message not available
    - Fwd: Re[2]: how nmap can know my firewalled servers ? John Bond (Apr 19)
    - Re: Fwd: Re[2]: how nmap can know my firewalled servers ? Ansgar -59cobalt- Wiechers (Apr 21)
- RE: how nmap can know my firewalled servers ? David Gillett (Apr 12)
- RE: how nmap can know my firewalled servers ? Burton Strauss (Apr 12)
- RE: how nmap can know my firewalled servers ? Jay Stapleton (Apr 13)
  - Re: how nmap can know my firewalled servers ? Alexey Eremenko (Apr 13)
  - MSN File Upload Monitoring fullsecure (Apr 17)
- Re: Fwd: Re[2]: how nmap can know my firewalled servers ? oldgrue (Apr 21)