Home page logo

basics logo Security Basics mailing list archives

Nmap - Under the hood
From: skill2die4 () secguru com
Date: Sun, 12 Dec 2004 03:43:41 -0600 (CST)

I am in a process of jotting down the various options available with NMAP
while doing port scanning, collecting ethereal packets for various
scans_types and also doing discussing on which scan works best under what

Results at :  http://www.secguru.com/forum/viewtopic.php?t=68

However, when i started fiddling with the -sF, -sX and -sN .. i found that
most of the machines being scanned are responding back as "open" to
everything. I tried these scan options against M$oft, Fedora and Solaris ;
but it reported all ports 'open' which i know aint true.

The Nmap manpage states, "There are times when even  SYN  scanning isn't
clandestine enough. Some firewalls and packet filters watch for SYNs to
restricted ports, and programs like Synlogger and Courtney are available
to detect these scans. These advanced scans, on the other hand, may  be 
able  to  pass through unmolested."

I got the idea about the scan , but dont have any live example. If you
know any OS.(+version) that DOES reply back with RST please let me know !



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]