Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: SYN ACK scans to random ports
From: Jan Murawski <der () oelgoetze de>
Date: Tue, 24 Sep 2013 21:02:59 +0200

For example nmap can randomize the list of scanned ports. I guess, that
is supposed to confuse people :)


Le 24/09/2013 16:34, Fabio a écrit :
Il 24/09/13 14:49, silence_is_best () hushmail com ha scritto:
Can someone explain the point of a SYN ACK scan to random high ports?  I
usually see a fair amount of these...at first I thought it was maybe a
block to an initiating SYN packet, but I don't see any evidence that the
SYN ACK isn't the first packet seen.  Danke.


Typically an ACK or SYN ACK scan is used to map out firewall rulesets,
determining whether they are stateful or not and which ports are filtered.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/






Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]