<a href="http://g.adspeed.net/ad.php?do=clk&zid=14678&wd=728&ht=90&pair=as" target="_top"><img style="border:0px;" src="http://g.adspeed.net/ad.php?do=img&zid=14678&wd=728&ht=90&pair=as" alt="i" width="728" height="90"/></a>

Nmap Security Scanner

Docs
Security Lists

Full Disclosure

More
Security Tools

Packet crafters

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

edgeos

Security Incidents: Re: Port 65535

Re: Port 65535

From: Pavel Kankovsky <peak_at_ARGO.TROJA.MFF.CUNI.CZ>
Date: Sat, 4 Mar 2000 18:14:17 +0100

On Thu, 2 Mar 2000, Murray, Mike wrote:

> Feb 29 07:12:25 firepower kernel: Packet log: private1 DENY eth0 PROTO=6
> 192.115.221.125:65535 207.245.232.127:65535 L=28 S=0x00 I=15817 F=0x00B8 T=47
> (#7)

This is a fragment (F stands for fragment offset). ipchains leave port
numbers equal to (u_short)(-1) if the fragment does not include a
(complete) TCP/UDP header.

--Pavel Kankovsky aka Peak [ Boycott Microsoft--http://www.vcnet.com/bms ]
"Resistance is futile. Open your source code and prepare for assimilation."
Received on Mar 06 2000

This message: [ Message body ]
Next message: Russell Fulton: "scans with spoofed address (was @home: Is *anyone*...)"
Previous message: Ryan Russell: "Re: getting to the point with DDoS"
In reply to: Murray, Mike: "Port 65535"
Next in thread: Murray, Mike: "Re: Port 65535"
Reply: Murray, Mike: "Re: Port 65535"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]

edgeos