Penetration Testing mailing list archives

Re: Idle (Witness) Scanning


From: Filipe Jorge Marques de Almeida <filipe () rnl ist utl pt>
Date: Fri, 3 May 2002 03:16:48 +0100

On Sat, Apr 27, 2002 at 11:52:54AM +0300, Evrim ULU wrote:
> So, is there a way to identify open and closed (filtered) ports inside
> NAT? Or does W2K assign different id numbers for different ether interfaces?

Yes there is, but not by using SYN scanning because there will always be a
reply to the SYN (either SYN/ACK or RST).
Try sending FINs instead of SYNs to the host. If the port is closed the id
should increment by 512, and by 256 if it's open.

--
Filipe Almeida
aka LiquidK
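The exchange above turns on one thing: a host whose IP ID field grows by a fixed step per packet leaks how many packets it sent between two observations, which is what makes it usable as an idle-scan "zombie". As an added example (not part of the original post), here is a defender-side audit that classifies a host's IP ID generator from observed IDs so that predictable hosts can be found and fixed (a stack that randomises IP IDs removes the leak); the 256 step models a stack that stores the counter byte-swapped, consistent with the 256/512 increments quoted in the thread. All sample sequences are constructed.

```python
"""Audit a host's IP ID generator for idle-scan exposure (added example)."""
from collections import Counter
from typing import Sequence

IP_ID_MOD = 1 << 16  # IP identification is a 16-bit field, so deltas wrap


def ip_id_deltas(ids: Sequence[int]) -> list:
    """Per-packet IP ID increments, wrapping modulo 2^16."""
    return [(b - a) % IP_ID_MOD for a, b in zip(ids, ids[1:])]


def classify_ip_id(ids: Sequence[int]) -> str:
    """Classify one host's IP ID generation from a sequence of observed IDs.

    'incremental'             : constant step of 1 (sequential counter)
    'incremental-byteswapped' : constant step of 256 (little-endian counter)
    'zero'                    : field always 0 (not used by the stack)
    'random'                  : no constant step, nothing to infer
    'unknown'                 : too few samples to judge
    """
    if len(ids) < 3:
        return "unknown"
    if all(i == 0 for i in ids):
        return "zero"
    step, count = Counter(ip_id_deltas(ids)).most_common(1)[0]
    if count == len(ids) - 1:  # every observed increment is identical
        if step == 1:
            return "incremental"
        if step == 256:
            return "incremental-byteswapped"
    return "random"


def is_zombie_candidate(ids: Sequence[int]) -> bool:
    """True when the host's IP ID leaks its packet count to an observer."""
    return classify_ip_id(ids).startswith("incremental")


def packets_between(id_before: int, id_after: int, step: int) -> int:
    """Packets a predictable host sent between two observations.

    With step 256, an increase of 512 means two packets and 256 means one,
    which is exactly the leak the thread relies on.
    """
    return ((id_after - id_before) % IP_ID_MOD) // step


# Constructed samples, not real captures
SAMPLES = {
    "host-a": [4101, 4102, 4103, 4104],
    "host-b": [0x0A00, 0x0B00, 0x0C00, 0x0D00, 0x0E00],
    "host-c": [52341, 1907, 33012, 12998],
    "host-d": [0, 0, 0, 0],
}

if __name__ == "__main__":
    for host, ids in SAMPLES.items():
        print(host, classify_ip_id(ids), "exposed" if is_zombie_candidate(ids) else "ok")
```

Run against IDs harvested from your own hosts' replies (e.g. from a packet capture) to find stacks that still need IP ID randomisation.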

