Re: Idle (Witness) Scanning

From: Filipe Jorge Marques de Almeida (filipeat_private)
Date: Thu May 02 2002 - 19:16:48 PDT

    On Sat, Apr 27, 2002 at 11:52:54AM +0300, Evrim ULU wrote:
    > So, is there a way to identify open and close(filtered) ports inside 
    > nat? or w2k assigns different id numbers for different ether interfaces?
    
    Yes there is, but not by using SYN scanning because there will always be a
    reply to the SYN (either SYN/ACK or RST).
    Try sending FINs instead of SYNs to the host. If the port is closed the id
    should increment by 512, and by 256 if it's open.
    
    --
    Filipe Almeida
    aka LiquidK
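
A defender-side view of the FIN probes described above, as an added example that is not part of the original post: it flags sources that send FIN segments on flows with no observed handshake. The record layout, the addresses, and the `min_ports` threshold are assumptions constructed for illustration.

```python
from collections import defaultdict

# Constructed sample records (not real traffic):
# (time, src, dst, sport, dport, tcp_flags) with flags as letters S/A/F/R.
PACKETS = [
    (0.00, "192.0.2.10", "198.51.100.5", 40000, 80, "S"),
    (0.01, "198.51.100.5", "192.0.2.10", 80, 40000, "SA"),
    (0.02, "192.0.2.10", "198.51.100.5", 40000, 80, "A"),
    (1.50, "192.0.2.10", "198.51.100.5", 40000, 80, "FA"),  # normal close
    (2.00, "203.0.113.7", "198.51.100.5", 51000, 21, "F"),  # no handshake
    (2.01, "203.0.113.7", "198.51.100.5", 51000, 22, "F"),
    (2.02, "203.0.113.7", "198.51.100.5", 51000, 23, "F"),
    (2.03, "203.0.113.7", "198.51.100.5", 51000, 25, "F"),
]


def unsolicited_fin_sources(packets, min_ports=3):
    """Return {(src, dst): [ports]} for FINs sent on flows with no handshake.

    A pair is reported only when the FINs touch at least `min_ports`
    distinct destination ports (hypothetical threshold).
    """
    seen_syn = set()          # flows (either direction) that started with SYN
    hits = defaultdict(set)   # (src, dst) -> destination ports probed
    for _ts, src, dst, sport, dport, flags in sorted(packets):
        flow = (src, sport, dst, dport)
        reverse = (dst, dport, src, sport)
        if "S" in flags:
            seen_syn.add(flow)
            continue
        if "F" in flags and flow not in seen_syn and reverse not in seen_syn:
            hits[(src, dst)].add(dport)
    return {k: sorted(v) for k, v in hits.items() if len(v) >= min_ports}


if __name__ == "__main__":
    # In an idle (witness) scan the probes carry the witness host's address,
    # so a hit names the probed host and the witness, not the real sender.
    for (src, dst), ports in unsolicited_fin_sources(PACKETS).items():
        print(f"FIN without handshake: {src} -> {dst} ports {ports}")
```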
    



    This archive was generated by hypermail 2b30 : Sun May 05 2002 - 09:13:05 PDT