Nmap Development mailing list archives
Re: TCP SYN scan with FIN
From: Kris Katterjohn <katterjohn () gmail com>
Date: Thu, 14 Dec 2006 08:38:18 -0600
Jan Engelhardt wrote:
Hi, the nmap -sS scan type sends SYN, gets SYN-ACK and sends RST. What would probably happen if a FIN was sent instead of RST? -`J'
It wouldn't because the kernel sends the RST because of the unsolicited SYN/ACK (because it doesn't see the SYN we send as an attempt to connect like through connect()). But if it did it would be just like sending a FIN packet like in a FIN scan. It wouldn't close the "connection". -Kris _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- TCP SYN scan with FIN Jan Engelhardt (Dec 14)
- Re: TCP SYN scan with FIN Kris Katterjohn (Dec 14)