Home page logo

bugtraq logo Bugtraq mailing list archives

Re: analysis of auditable port scanning techniques
From: Henrik Nordstrom <hno () HEM PASSAGEN SE>
Date: Tue, 9 Jan 2001 01:34:59 +0100

Dan Harkless wrote:

Well, there's a feature request for auth/ident/tap daemons running on OSes
(if any) that can distinguish after-the-fact between connections that
originated locally and those that originated remotely.  Assuming that
doesn't break RFCs 931 / 1413, of course (I'd re-read them right now to
check, if I had the time)...

Well, the simple fix would to deny queries for ports where there is a
local service listening on the same interface/IP (or "ANY").

Henrik Nordstrom

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]