Security Incidents: Re: Is it possible to derease gradually the number of Client port (add up time table) ?

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Security Incidents mailing list archives

Re: Is it possible to derease gradually the number of Client port (add up time table) ?

From: Frank Knobbe <frank () knobbe us>
Date: Thu, 11 Mar 2004 01:24:59 -0600

On Wed, 2004-03-10 at 11:08, Lionel Ferette wrote:

So if 
the guy who wrote the scanner implemented a reverse loop to acquire 
ports, that can account for the behavior seen in your logs.

Might be to evade some IDS rules that check for connections with 
increasing port numbers...


Or he just wanted to be different and hacked the kernel a bit so that
the TCP/IP stack decreases the source port numbers instead of increasing
them. :)

Regards,
Frank


-- 
Warning at the Gates of Bill:  
Abandon hope, all ye who press <ENTER> here...

Attachment: signature.asc
Description: This is a digitally signed message part

By Date By Thread

Current thread:

Is it possible to derease gradually the number of Client port ? toddjang (Mar 09)
- RE: Is it possible to derease gradually the number of Client port ? Rob Shein (Mar 09)
  - RE: Is it possible to derease gradually the number of Client port (add up time table) ? Todd Jang (Mar 10)
    - RE: Is it possible to derease gradually the number of Client port (add up time table) ? Rob Shein (Mar 10)
    - Re: Is it possible to derease gradually the number of Client port (add up time table) ? Lionel Ferette (Mar 10)
    - Re: Is it possible to derease gradually the number of Client port (add up time table) ? Frank Knobbe (Mar 11)
    - Re: Is it possible to derease gradually the number of Client port (add up time table) ? Ben Timby (Mar 11)