On Sat, Dec 08, 2001 at 11:07:40AM +0100, Jih?ne Krich?ne wrote:
> Do any one know nmap ?
Sure.
> if yes, can you please answer this question ?
> the -sS option checks the half opened ports on the target machine ; or
> generates a TCP Syn flood attack to the target?
Extract of the manpage (read the _fine_ manual *g* )
-sS TCP SYN scan: This technique is often referred to
as "half-open" scanning, because you don't open a
full TCP connection. You send a SYN packet, as if
you are going to open a real connection and you
wait for a response. A SYN|ACK indicates the port
is listening. A RST is indicative of a non-lis
tener. If a SYN|ACK is received, a RST is immedi
ately sent to tear down the connection (actually
our OS kernel does this for us). The primary advan
tage to this scanning technique is that fewer sites
will log it. Unfortunately you need root privi
leges to build these custom SYN packets.
With best regards
Hans
--
Hans-Joachim Picht, Consultant <h.picht@lnxce.net>
Linux Consulting Europe http://www.lnxce.net
Vogelhecke 2 D - 35447 Reiskirchen Tel: +491751629201
Fax: +49640862649 Germany
------------------------------------------------------------------------
To unsubscribe email security-discuss-request@linuxsecurity.com
with "unsubscribe" in the subject of the message.
