Security Incidents mailing list archives

Re: Is it possible to decrease gradually the number of Client port (add up time table) ?


From: Frank Knobbe <frank () knobbe us>
Date: Thu, 11 Mar 2004 01:24:59 -0600

On Wed, 2004-03-10 at 11:08, Lionel Ferette wrote:
So if the guy who wrote the scanner implemented a reverse loop to acquire
ports, that can account for the behavior seen in your logs.

Might be to evade some IDS rules that check for connections with 
increasing port numbers...

Or he just wanted to be different and hacked the kernel a bit so that
the TCP/IP stack decreases the source port numbers instead of increasing
them. :)

Regards,
Frank


-- 
Warning at the Gates of Bill:  
Abandon hope, all ye who press <ENTER> here...
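
The behaviour discussed in this thread (one source whose client ports step downward instead of upward) can be checked for in connection logs. The following is an added example, not part of the original message; the log tuples, thresholds and function names are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample log entries: (epoch seconds, source IP, source port).
# Addresses come from documentation ranges; none of this is from the thread.
SAMPLE_LOG = [
    (1000, "192.0.2.10", 4005), (1001, "192.0.2.10", 4004),
    (1002, "192.0.2.10", 4002), (1003, "192.0.2.10", 4001),
    (1004, "192.0.2.10", 4000), (1005, "192.0.2.10", 3999),
    (1000, "198.51.100.7", 1030), (1002, "198.51.100.7", 1031),
    (1004, "198.51.100.7", 1033), (1006, "198.51.100.7", 1034),
    (1008, "198.51.100.7", 1035),
    (1000, "203.0.113.5", 51234), (1001, "203.0.113.5", 2811),
    (1002, "203.0.113.5", 40022), (1003, "203.0.113.5", 17650),
    (1004, "203.0.113.5", 60001),
]

def port_trend(ports, min_steps=4, max_step=64, ratio=0.8):
    """Classify a time-ordered list of source ports from one host.

    A step counts as sequential only if it moves by 1..max_step ports, so a
    wraparound at the edge of the ephemeral range is one outlier, not a trend.
    """
    steps = [b - a for a, b in zip(ports, ports[1:])]
    if len(steps) < min_steps:
        return "insufficient-data"
    down = sum(1 for s in steps if -max_step <= s <= -1)
    up = sum(1 for s in steps if 1 <= s <= max_step)
    if down / len(steps) >= ratio:
        return "decreasing"
    if up / len(steps) >= ratio:
        return "increasing"
    return "non-sequential"

def classify_sources(log):
    """Group entries by source IP, order by time, and classify each host."""
    by_src = defaultdict(list)
    for ts, src, sport in sorted(log):
        by_src[src].append(sport)
    return {src: port_trend(ports) for src, ports in by_src.items()}

if __name__ == "__main__":
    for src, trend in classify_sources(SAMPLE_LOG).items():
        print(f"{src}: {trend}")
```

A host reported as "decreasing" is only a lead for further review: the check says nothing about why the ports run downward.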
