Penetration Testing mailing list archives

Re: Nmap/netwag problem.
From: Martin Mačok <martin.macok () underground cz>
Date: Thu, 11 Aug 2005 13:49:48 +0200

On Wed, Aug 10, 2005 at 02:25:18PM +0200, Kaj Huisman wrote:

> Anyway. a 'full connect' scan (one that performs the complete
> three-way handshake) will _always_ (?) be the most reliable.

You mean connect() scan? No, with connect() API you can't properly
distinguish between RST (closed port) and ICMP Port Unreachable
(filtered port) for example [RFC 1122] ...

> My suggestion is to perform either a nmap connect scan on the ports
> from both results or to manually telnet to the ports and see the
> response.

Regarding Nmap, the fastest and most reliable scanning technique is
SYN scan, not a connect() scan ...

Martin Mačok
ICT Security Consultant
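An added example, not part of the thread, showing in Python why a connect()-only scan is coarser than a SYN scan: the kernel hands back ECONNREFUSED for both a TCP RST and an ICMP Port Unreachable, so the scanner can only report "closed|filtered" for a refused port. The scan runs against loopback only, and the state labels are assumed to follow Nmap's naming.

```python
import errno
import socket

# Port states, named as Nmap reports them (assumed naming)
OPEN, CLOSED_OR_FILTERED, FILTERED = "open", "closed|filtered", "filtered"


def connect_scan_port(host, port, timeout=1.0):
    """Classify one TCP port using nothing but the connect() API.

    A refused connection is reported as closed|filtered on purpose: the
    kernel collapses a TCP RST (truly closed) and an ICMP type 3 code 3
    Port Unreachable (filtered) into the same ECONNREFUSED, so connect()
    alone cannot tell them apart.  A raw-socket SYN scan sees which one
    arrived; this function cannot.
    """
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.settimeout(timeout)
    try:
        s.connect((host, port))
        return OPEN
    except socket.timeout:
        return FILTERED               # silently dropped: no RST, no ICMP
    except OSError as e:
        if e.errno == errno.ECONNREFUSED:
            return CLOSED_OR_FILTERED  # RST or ICMP Port Unreachable
        if e.errno in (errno.EHOSTUNREACH, errno.ENETUNREACH):
            return FILTERED           # ICMP host/net unreachable
        raise
    finally:
        s.close()


def connect_scan(host, ports, timeout=1.0):
    """Scan several ports; returns {port: state}."""
    return {p: connect_scan_port(host, p, timeout) for p in ports}


def demo_loopback():
    """Constructed demo: one listening loopback port, one bound but not
    listening (so the kernel answers with RST).  Returns both verdicts."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))
    listener.listen(1)
    refused = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    refused.bind(("127.0.0.1", 0))   # bound, never listen()ed: RST on SYN
    try:
        open_port = listener.getsockname()[1]
        rst_port = refused.getsockname()[1]
        res = connect_scan("127.0.0.1", [open_port, rst_port])
        return {"listening": res[open_port], "refused": res[rst_port]}
    finally:
        listener.close()
        refused.close()
```

Running `demo_loopback()` on a host with loopback networking yields `{"listening": "open", "refused": "closed|filtered"}`; on loopback the refusal really is an RST, but the function has no way to know that.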
