Saturday, 2 February 2013

TCP SYN scans


TCP SYN scans

The SYN scans should be consistent with the connect scans in most
cases, although some security gateways may respond differently.

Other TCP scans

The FIN and NULL scans (Figure 27 and Figure 28) on the NT box
produced spurious results due to the Microsoft TCP/IP stack
implementation, as expected:


FIN Scan

Starting nmap V. 2.54BETA1 by fyodor@insecure.org ( www.insecure.org/nmap/ )
Interesting ports on (192.168.3.4):
(The 65531 ports scanned but not shown below are in state: closed)
Port       State       Service
17/tcp     filtered    qotd
10167/tcp  filtered    unknown
28453/tcp  open        unknown
45146/tcp  open        unknown
Nmap run completed -- 1 IP address (1 host up) scanned in 44 seconds

NULL Scan


Starting nmap V. 2.54BETA1 by fyodor@insecure.org ( www.insecure.org/nmap/ )
All 65535 scanned ports on (192.168.3.4) are: closed
Nmap run completed -- 1 IP address (1 host up) scanned in 39 seconds



The results from the Solaris box (omitted due to their length) confirm
the same TCP ports to be open as the TCP connect scan, and also give
further information about which ports are 'closed' and which are
'filtered'. The filtered ports are reported as such if nmap either receives
no response (e.g. a network error or a packet dropped by a gateway), or
receives an ICMP unreachable message of some kind.
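
The following is an added example, not part of the original post: a small Python model (it sends no packets) of how scan replies map to port states, showing why a stack that answers every FIN or NULL probe with RST makes those scans unreliable while the SYN scan still matches the connect scan. The stack names, port numbers and helper names are constructed for illustration, and the state names follow the current Nmap reference guide, including an open|filtered state that does not appear in the 2.54BETA1 output above.

```python
# Added illustration: models reply-to-state rules only; sends no packets.
# Stack names, port numbers and helper names are constructed for this example.
ICMP_UNREACH = "icmp-unreachable"
PROBE_FLAGS = {"syn": {"SYN"}, "fin": {"FIN"}, "null": set()}

def host_reply(stack, flags, port_open):
    """What a host TCP stack sends back to a probe with the given flags."""
    if "SYN" in flags:
        return "SYN/ACK" if port_open else "RST"
    # FIN and NULL probes carry no SYN, RST or ACK bit.
    if stack == "rfc793":
        return None if port_open else "RST"  # open port drops the probe
    if stack == "rst-always":
        return "RST"                         # open and closed look the same
    raise ValueError(f"unknown stack model: {stack}")

def classify(scan, reply):
    """Map a reply (None means timeout) to a port state."""
    if reply == ICMP_UNREACH:
        return "filtered"
    if reply == "RST":
        return "closed"
    if scan == "syn":
        return "open" if reply == "SYN/ACK" else "filtered"
    return "open|filtered"                   # FIN/NULL probe went unanswered

def scan_host(scan, stack, open_ports, ports, dropped=(), rejected=()):
    """Return {port: state}; `dropped`/`rejected` model a gateway in the path."""
    states = {}
    for port in ports:
        if port in dropped:
            reply = None
        elif port in rejected:
            reply = ICMP_UNREACH
        else:
            reply = host_reply(stack, PROBE_FLAGS[scan], port in open_ports)
        states[port] = classify(scan, reply)
    return states

if __name__ == "__main__":
    ports, listening = [17, 22, 80, 135, 139], {135, 139}
    for stack in ("rfc793", "rst-always"):
        for scan in ("syn", "fin", "null"):
            print(f"{stack:10} {scan:4}", scan_host(scan, stack, listening, ports, dropped={17}))
```

When FIN or NULL results for a host come back uniformly closed, as in the NULL scan above, the SYN or connect scan results are the ones to trust for that host.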



