|
Security Basics
mailing list archives
RE: an error in the NMAP docs?
From: "Michael Herz" <mherz () uwaterloo ca>
Date: Thu, 7 Apr 2005 16:15:14 -0400
-----Original Message-----
From: David Gillett [mailto:gillettdavid () fhda edu]
The *purpose* of the exception is NOT "to allow the machine to act
as a DNS server". Its purpose is to allow the client to
receive DNS results even when these are returned using TCP
instead of UDP.
This is exactly what I'm saying too. Right from the beginning I belive ;-)
The NMAP docs describe exploiting a FIREWALL configuration
intended to allow machines to act as DNS and FTP CLIENTS.
And this is what I disagree with. To me, the phrase "allow DNS (53) or
FTP-DATA (20) packets to come through" implies a server service (ie.
requests are coming in to my DNS server on port 53).
Sorry for turning this into so many words :-(
---------------------------------------------------------------------------
Earn your MS in Information Security ONLINE
Organizations worldwide are in need of highly qualified information security
professionals. Norwich University is fulfilling this demand with its MS in
Information Security offered online. Recognized by the NSA as an
academically excellent program, NU offers you the opportunity to earn your
degree without disrupting your home or work life.
http://www.msia.norwich.edu/secfocus_en
----------------------------------------------------------------------------
 By Date 
By Thread
Current thread:
- RE: an error in the NMAP docs?, (continued)
RE: an error in the NMAP docs? Fields, James (Apr 05)
| 
Intro
