Educause Security Discussion mailing list archives
Re: Vulnerability Scanning Problem
From: Michael Hornung <hornung () CAC WASHINGTON EDU>
Date: Wed, 13 Dec 2006 11:54:49 -0800
On Tue, 12 Dec 2006 at 08:40, Wyman Miles wrote: |Coupling your scanner to ARP table mining only goes so far. The host might |be up, but if the firewall ropes in the scanner and won't let it go, you'll |still get nothing. And persuading the scanner to rattle off SYNs at all |possible open ports is just a recipe for boredom and dissatisfaction. On the contrary, firing off SYNs and getting no answer in this case is better than nothing; it strongly suggests that the target host (or a firewall between scanner and target) is on the network but not responding to, or actively blocking, your SYN packets. _____________________________________________________ Michael Hornung Computing & Communications hornung () washington edu University of Washington
Current thread:
- Vulnerability Scanning Problem Logan, Kimberly (loganks) (Dec 11)
- <Possible follow-ups>
- Re: Vulnerability Scanning Problem Michael Hornung (Dec 11)
- Re: Vulnerability Scanning Problem Wang Cheng (Dec 11)
- Re: Vulnerability Scanning Problem Wyman Miles (Dec 12)
- Re: Vulnerability Scanning Problem Graham Toal (Dec 12)
- Re: Vulnerability Scanning Problem Curt Wilson (Dec 12)
- Re: Vulnerability Scanning Problem Russell Fulton (Dec 12)
- Re: Vulnerability Scanning Problem Curt Wilson (Dec 13)
- Re: Vulnerability Scanning Problem Michael Hornung (Dec 13)
- Re: Vulnerability Scanning Problem Mike Wiseman (Dec 13)
- Re: Vulnerability Scanning Problem Russell Fulton (Dec 13)
- Re: Vulnerability Scanning Problem Curt Wilson (Dec 15)
- Re: Vulnerability Scanning Problem Randy Marchany (Dec 15)