Nmap Development mailing list archives
Re: some nmap tools
From: Tristan Seligmann <mithrandi-nmap-dev () mithrandi za net>
Date: Sun, 7 Dec 2003 18:57:24 +0200
On Sun, Dec 07, 2003 at 15:06:37 -0000, testic+testic wrote:
If the remote port is 'open', ie a service is listening on that port, the sender will recieve a SYN/ACK. If the port is 'filtered' the sender will recieve an RST packet. If the port is 'closed' nothing at all will be recieved.
I may be wrong, but doesn't filtered mean an ICMP Reject was received? And sending SYN to a port with no service listening on it will result in RST, not nothing. (of course nothing will be received if a firewall just silently drops the packet).
In 'filtered' and 'closed' states the sender need send no more data at all. Only in 'open' state does any further data need to be sent, in this state we will be sending a further ACK and also we need to close the connection, Nmap I believe will neatly close the connection using FIN. As far as I can tell
I would think nmap would just send RST after receiving SYN|ACK. mithrandi
Attachment:
signature.asc
Description: Digital signature
Current thread:
- some nmap tools MadHat (Dec 06)
- Re: some nmap tools Bo Cato (Dec 07)
- Re: some nmap tools MadHat (Dec 07)
- RE: some nmap tools Hasnain Atique (Dec 07)
- Re: some nmap tools MadHat (Dec 07)
- RE: some nmap tools Hasnain Atique (Dec 08)
- Re: some nmap tools MadHat (Dec 07)
- Re: some nmap tools Bo Cato (Dec 07)
- <Possible follow-ups>
- Re: some nmap tools testic+testic (Dec 07)
- Re: some nmap tools Akbar Ali (Dec 07)
- Re: some nmap tools Tristan Seligmann (Dec 09)
- Re: some nmap tools MadHat (Dec 09)