Bugtraq mailing list archives
Re: analysis of auditable port scanning techniques
From: Henrik Nordstrom <hno () HEM PASSAGEN SE>
Date: Tue, 9 Jan 2001 01:34:59 +0100
Dan Harkless wrote:
Well, there's a feature request for auth/ident/tap daemons running on OSes (if any) that can distinguish after-the-fact between connections that originated locally and those that originated remotely. Assuming that doesn't break RFCs 931 / 1413, of course (I'd re-read them right now to check, if I had the time)...
Well, the simple fix would to deny queries for ports where there is a local service listening on the same interface/IP (or "ANY"). -- Henrik Nordstrom
Current thread:
- analysis of auditable port scanning techniques Guido Bakker (Jan 04)
- Re: analysis of auditable port scanning techniques Guido Bakker (Jan 05)
- Re: analysis of auditable port scanning techniques Dan Harkless (Jan 05)
- Re: analysis of auditable port scanning techniques Rainer Weikusat (Jan 08)
- Re: analysis of auditable port scanning techniques Dan Harkless (Jan 08)
- Re: analysis of auditable port scanning techniques Henrik Nordstrom (Jan 09)
- Message not available
- Message not available
- Re: analysis of auditable port scanning techniques D. J. Bernstein (Jan 16)
- Re: analysis of auditable port scanning techniques Rainer Weikusat (Jan 08)
- <Possible follow-ups>
- Re: analysis of auditable port scanning techniques dethy (Jan 08)
- Re: analysis of auditable port scanning techniques Michael Bacarella (Jan 08)
- Re: analysis of auditable port scanning techniques Michael S Soukup (Jan 08)