<a href="http://g.adspeed.net/ad.php?do=clk&zid=14678&wd=728&ht=90&pair=as" target="_top"><img style="border:0px;" src="http://g.adspeed.net/ad.php?do=img&zid=14678&wd=728&ht=90&pair=as" alt="i" width="728" height="90"/></a>

Nmap Security Scanner

Docs
Security Lists

Full Disclosure

More
Security Tools

Packet crafters

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

edgeos

Nmap Hackers: Re: Follow up "nmap" scans

Re: Follow up "nmap" scans

From: Aaron Campbell <aaron_at_cs.dal.ca>
Date: Mon, 22 May 2000 22:52:22 -0300 (ADT)

On Mon, 22 May 2000, Lance Spitzner wrote:

> 05/20-17:06:45.061034 192.160.13.4:31337 -> 172.16.1.101:1
> TCP TTL:44 TOS:0x10 ID:242
> ***FRP** Seq: 0xA1D95 Ack: 0x53 Win: 0x400

Another observation: the IP ID of 242 suggests that this tool may have
been developed with Libnet, since this is precisely the IP ID that is used
in many of the sample Libnet "test" programs. I'm guessing route likes the
band "Front 242" and that is why this was chosen.

.
: Aaron Campbell <aaron@cs.dal.ca> - [ http://www.biodome.org/~fx ]
`-------------------------------------------------------------------
Received on May 22 2000

This message: [ Message body ]
Next message: Denis Ducamp: "Re: Are these signatures nmap?"
Previous message: Lance Spitzner: "Follow up "nmap" scans"
In reply to: Lance Spitzner: "Follow up "nmap" scans"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]

edgeos