Is there a way to identify active TCP ports/sessions (otherwise seen as closed via a port scanner)? I am working pen-test where I need to identify the ports associated with an established TCP session. In this situation, data is only transmitted one direction, server -> client. It is transmitted intermittently on an as needed basis with no established patterns. The TCP session stays up even though no data is being sent, so the ports on the server and client side remain static. The application layer is a proprietary app. There is no way to use a use a sniffer. Would an active port respond back as closed slower than a truely closed port for example. Could this type of test even at all possible due to traffic load fluctuations? Any ideas? Cheers, Fei Hu -- Get your free email from www.linuxmail.org Powered by Outblaze ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
This archive was generated by hypermail 2b30 : Thu Oct 04 2001 - 11:06:17 PDT