Security Basics: RE: an error in the NMAP docs?

["Michael Herz" <mherz () uwaterloo ca>]

> -----Original Message-----
> From: David Gillett 
>
> > -----Original Message-----
> > From: Michael Herz
> >
> > If you create with a machine that is protected both inbound
> > and outbound by deny all rules and then add a packet filter 
> > rule to allow the machine to act as a DNS server (inbound port 
> > 53). If you then scan this machine now by using the 
> > "--source_port 53" option, scans won't get through and no other
> > services will be exposed.
>   Correct but irrelevant.  The NMAP docs refer to a possible way 
> to get to DNS *clients*, not DNS servers.
And exactly my point. --source_port can exploit DNS client configurations. I
think the NMAP doc "describes" exploiting a DNS server configuration. Proper
server service configurations can't be exploited by using --source_port.
This is all I'm trying to say :-)


---------------------------------------------------------------------------
Earn your MS in Information Security ONLINE
Organizations worldwide are in need of highly qualified information security
professionals.  Norwich University is fulfilling this demand with its MS in
Information Security offered online.  Recognized by the NSA as an
academically excellent program, NU offers you the opportunity to earn your
degree without disrupting your home or work life.

http://www.msia.norwich.edu/secfocus_en
----------------------------------------------------------------------------