OSEC

From: Ralf Schumacher (ralf_schumacher_at_gmx.net)
Date: Thu Oct 31 2002 - 00:26:36 CST

    Mathias Homann wrote:

    >Hi,
    >
    >
    >after a nmap run against my 'wall I found ALL ports except one for UDP wide
    >open!!!
    >
    >
    >
    Hi!

    The reason for this is the behaviour of UDP connections and the way nmap
    handles this.

    Nmap tries to establish a connection to the UDP ports for the scan.
    Due to the nature of UDP (connectionless) nmap just sends the UDP packet
    and waits for the RST packet returned in "normal" cases.

    The default behaviour of SuSEfirewalls is to drop the packets. Thus nmap
    doesn't get the RST packet it is waiting for and assumes the port is open
    and has a listener.

    You have two choices:

    1.) Change the behaviour of the SuSEfirewall from Drop to Reject.
    2.) Believe in SuSE :)

    Regards

    Ralf Schumacher

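
Added example, not part of the original message: a Python probe showing why a UDP port that stays silent (a quiet listener, or a firewall that drops the packet) cannot be told apart from an open one, while a port that sends back an error can. It uses constructed loopback sockets; `probe_udp` and `demo` are hypothetical names, and the "closed" result assumes the OS reports the ICMP port-unreachable reply as a refused connection, as Linux does.

```python
import socket


def probe_udp(host, port, timeout=1.0):
    """Send one empty UDP datagram and classify the port by what comes back."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        # connect() on a UDP socket sends nothing; it only lets the kernel hand
        # ICMP errors for this destination back to us as socket errors.
        s.connect((host, port))
        try:
            s.send(b"")
            s.recv(1024)
            return "open"           # something answered with data
        except ConnectionRefusedError:
            return "closed"         # an error reply came back (a REJECT rule looks like this)
        except socket.timeout:
            return "open|filtered"  # silence: quiet listener or a DROP rule


def demo():
    # Constructed loopback targets: a listener that never replies, and a port
    # that was bound once and then released so nothing listens on it.
    listener = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    listener.bind(("127.0.0.1", 0))
    silent_port = listener.getsockname()[1]

    tmp = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    tmp.bind(("127.0.0.1", 0))
    closed_port = tmp.getsockname()[1]
    tmp.close()

    try:
        return {
            "silent listener": probe_udp("127.0.0.1", silent_port, 0.5),
            "no listener": probe_udp("127.0.0.1", closed_port, 0.5),
        }
    finally:
        listener.close()


if __name__ == "__main__":
    for target, state in demo().items():
        print(f"{target}: {state}")
```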