|
Nmap Development
mailing list archives
Re: Nmap does not notice ACK packets
From: Kris Katterjohn <katterjohn () gmail com>
Date: Sun, 04 Feb 2007 18:16:09 -0600
Richard van den Berg wrote:
I've not seen a SYN coming from the remote host in this situation.
However, since the ACK triggers a RESET from my local system this might
be the reason. It's not likely though since the ACK and SYN should have
been sent at the same time and I should have seen it arrive. It's too
bad I cannot reproduce the issue when testing manually with netcat and
hping2.
I agree with you on the ACK and SYN timing stuff, but, again, I don't
think the ACK|SYN would be separate in the first place.
I don't know what these remote hosts are running. I've seen the issue
with different hosts on the same network. It could be an active device
in front of the real servers acting this way..
Hmm.. do your results change when using options like --data-length (or
maybe -f)? I'm not sure if that would help any, but it might narrow it
down some. I can hope, right? :)
Is it hosts *only* on this particular network? Have you had these
results anywhere else? Have you scanned from different networks?
Thanks,
Kris Katterjohn
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
 By Date 
By Thread
Current thread:
| 
Intro
