Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Data Interpretation

From: Ansgar Wiechers <bugtraq () planetcobalt net>
Date: Wed, 18 Mar 2009 20:17:06 +0100
On 2009-03-17 David Gillett wrote:

  Neither of these things is happening, and nmap can't tell why not.
SOMETHING must be listening, since no ICMP packet was received back,
but clearly it's not a normal process. The most likely scenario is
that a firewall or other security measure is dropping the SYN packet
without deigning to respond.


Packet filters aren't really listening (at least not in the TCP sense of
the word).


  This is, in fact, exactly what you want.


I have to disagree. What you actually want in a situation like that is
the firewall to respond with a RST.

Regards
Ansgar Wiechers
-- 
"The Mac OS X kernel should never panic because, when it does, it
seriously inconveniences the user."
--http://developer.apple.com/technotes/tn2004/tn2118.html

------------------------------------------------------------------------
This list is sponsored by: InfoSec Institute

Find the source of cybercrime! Almost every crime today involves a computer or mobile device. Learn how to become a 
Computer Forensics Examiner in InfoSec Institute's hands-on Computer Forensics Course. Up to three industry recognized 
certs available, online computer forensics training available. 

http://www.infosecinstitute.com/courses/computer_forensics_training.html
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: