Nmap Development mailing list archives
Re: decoys and limiting outbound RST packets
From: Martin Mačok <martin.macok () underground cz>
Date: Sun, 2 Jan 2005 22:49:14 +0100
On Sat, Jan 01, 2005 at 05:19:30PM -0500, Michael Rash wrote:
Proposed solution:
Provide an interface to use a local packet filter (if available)
to restrict outbound RST packets to the target for the duration of
any scan that causes unsolicited SYN/ACK packets to be sent to the
scanning system.
In this case, the target could send SYN+ACK probe to every non-responding IP after the scan. If there is an IP that responds then it is the IP of the scanner. Martin Mačok IT Security Consultant --------------------------------------------------------------------- For help using this (nmap-dev) mailing list, send a blank email to nmap-dev-help () insecure org . List archive: http://seclists.org
Current thread:
- decoys and limiting outbound RST packets Michael Rash (Jan 01)
- Re: decoys and limiting outbound RST packets Slarty (Jan 02)
- Re: decoys and limiting outbound RST packets Martin Mačok (Jan 02)
- Re: decoys and limiting outbound RST packets Michael Rash (Jan 02)
- Re: decoys and limiting outbound RST packets Martin Mačok (Jan 02)
- Re: decoys and limiting outbound RST packets Michael Rash (Jan 02)
- Re: decoys and limiting outbound RST packets Martin Mačok (Jan 03)
- Re: decoys and limiting outbound RST packets Martin Mačok (Jan 02)
- Re: decoys and limiting outbound RST packets Slarty (Jan 02)
- Re: decoys and limiting outbound RST packets Michael Rash (Jan 02)
- <Possible follow-ups>
- RE: decoys and limiting outbound RST packets robert (Jan 05)