Nmap Development: Re: Nmap does not notice ACK packets

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Nmap Development mailing list archives

Re: Nmap does not notice ACK packets

From: Kris Katterjohn <katterjohn () gmail com>
Date: Mon, 05 Feb 2007 13:52:36 -0600

Mark Boltz wrote:

What you're seeing is possibly a firewall device of some kind, or maybe 
an IPS that is configured with SYN flood protection. I know that the 
Symantec firewalls have done this in the past, and it messes up other 
stateful firewalls in between that are expecting the SYN-ACK instead. If 
you could find out the device that's doing it, it would be a useful 
piece of information.


But why doesn't it happen with hping2 or netcat? That's why I was
suggesting using some options to change the packets in some way when
sending with Nmap. Is it because Nmap sends more packets than those
other programs? Maybe you can explain that one to me :)

Thanks,
Kris Katterjohn

Attachment: signature.asc
Description: OpenPGP digital signature


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org

By Date By Thread

Current thread:

Nmap does not notice ACK packets Richard van den Berg (Feb 03)
- Re: Nmap does not notice ACK packets Kris Katterjohn (Feb 03)
  - Re: Nmap does not notice ACK packets Richard van den Berg (Feb 04)
    - Re: Nmap does not notice ACK packets Kris Katterjohn (Feb 04)
- <Possible follow-ups>
- Re: Nmap does not notice ACK packets Mark Boltz (Feb 05)
  - Re: Nmap does not notice ACK packets Kris Katterjohn (Feb 05)
    - Re: Nmap does not notice ACK packets Hans Nilsson (Feb 06)