Re: nmap

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Sat, Dec 08, 2001 at 11:07:40AM +0100, Jih?ne Krich?ne wrote:

> Do any one know nmap ?

Sure.

> if yes, can you please answer this question ?
> the -sS option checks the half opened ports on the target machine ; or
> generates a TCP Syn flood attack to the target?

Extract of the manpage (read the _fine_ manual *g* )

 -sS    TCP  SYN  scan: This technique is often referred to
              as "half-open" scanning, because you don't  open  a
              full  TCP  connection. You send a SYN packet, as if
              you are going to open a  real  connection  and  you
              wait  for  a response. A SYN|ACK indicates the port
              is listening. A RST is  indicative  of  a  non-lis­
              tener.   If a SYN|ACK is received, a RST is immedi­
              ately sent to tear down  the  connection  (actually
              our OS kernel does this for us). The primary advan­
              tage to this scanning technique is that fewer sites
              will  log  it.   Unfortunately you need root privi­
              leges to build these custom SYN packets.

With best regards

    Hans
-- 
Hans-Joachim Picht, Consultant	<h.picht@lnxce.net> 
Linux Consulting Europe	http://www.lnxce.net
Vogelhecke 2	D - 35447 Reiskirchen	Tel: +491751629201 
Fax: +49640862649	Germany 
------------------------------------------------------------------------
     To unsubscribe email security-discuss-request@linuxsecurity.com
         with "unsubscribe" in the subject of the message.


[Index of Archives]     [Fedora Announce]     [Linux Crypto]     [Kernel]     [Netfilter]     [Bugtraq]     [USB]     [Fedora Security]

  Powered by Linux