Dmitriy Kropivnitskiy <[EMAIL PROTECTED]> writes: [snip] > > how does this stop the scanner from identifying open ports? > > If you actually drop packets instead of rejecting them your port scanner > will slow down to a crawl, since it has to wait for timeout on every try.
Bzzzzzzt. Push out loads of packets to many hosts at one port per host, and just sit back & wait for the responses; they'll tell you if they're listening. Absolutely *nobody* does multi-port per host sweeps these days - to the extent that I nmapped myself from ports 20-25 only, this morning, and it occupied the greater amount of the firewall log for the last 24hrs. ~Tim -- And in the rapture and the charm, |[EMAIL PROTECTED] Came the tranquil and the calm, |http://spodzone.org.uk/ On the ridge of the mighty Atlantic. | -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]