Hi Craig,
Straight from the nmap man page:
The FIN scan uses a bare (surprise) FIN packet as the probe, while the Xmas
tree scan turns on the FIN, URG, and PUSH flags. The Null scan turns off all flags.
Hope this helps,
-Mike
>>> Craig Van Tassle <[EMAIL PROTECTED]> 11/24/01 11:32PM >>>
Well i know what a port scan is and how it works.. i was asking about the Xmas and
NULL type scans. What flags do they set?
I was just asking bout these specific types of scans not port scanning in general.
Ill look up the Phrak mag artical to see if it has the info i'm looking for
thanks
Craig
On Fri, Nov 23, 2001 at 05:12:40PM +0100, Jeremie Werner wrote:
> Hello,
>
> I'm not sure I have clearly understand all the questions, but this may help
> you (I hope :).
>
> The ports that are marked as open are ports from your box, so the only port
> that could be open are services you are running on your box. It may be httpd,
> or even X server ...
>
> To detect the scan, you can use a NIDS (like snort), or even a specific
> program that detect portscan (Like scanlogd from openwall.com). To block
> portscan you should install a firewall, to filter the incoming packet.
>
> In order to understand the way of portscanning, you should read the paper
> from Fyodor published in Phrack 51 (phrack.org) and called 'The art of port
> scanning'.
>
> For more help, just try google.com :)
>
> Have fun ...
>
> >Hello everyone.
> >I'm running FreeBSD 4.4 and i was doing a port scan of my self (from a
> >remote
> >box that i have legal access to) and i was getting a log of open ports from
> >nmap -sN and nmap -sX. I was wondering why i was getting all of these "open
> >ports"
> >and does any one know how to stop these scans from getting though?
> >and how do these scans work?
>
> >Thanks
> >Craig
****************************************************************
Please Note
The information in this E-mail message is legally privileged
and confidential information intended only for the use of the
individual(s) named above. If you, the reader of this message,
are not the intended recipient, you are hereby notified that
you should not further disseminate, distribute, or forward this
E-mail message. If you have received this E-mail in error,
please notify the sender. Thank you
*****************************************************************
