Re: Access on Port 0

To: "Alain Tesio" <alain@onesite.org>, <debian-security@lists.debian.org>
Subject: Re: Access on Port 0
From: "Statu Nascendi" <statu_nascendi@redmail.ro>
Date: Sat, 12 Oct 2002 16:33:55 +0300
Message-id: <[🔎] 002d01c271f4$02f191a0$010fa8c0@vasilica>
References: <[🔎] 87bs60qugm.fsf@pfaff.Stanford.EDU><[🔎] E180Bu8-00084Z-00@wabyn.net> <[🔎] 20021012103119.554bd308.alain@onesite.org>

While using nmap for fingerprinting my linux box, i noticed that it sends FP
flags for doing that. Is it really possible to fingerprint using corrupted
packets?

Do you have some docs on that?

Statu Nascendi.

----- Original Message -----
From: "Alain Tesio" <alain@onesite.org>
To: <debian-security@lists.debian.org>
Sent: Saturday, October 12, 2002 11:31 AM
Subject: Re: Access on Port 0


Packets on port 0 are invalid and like packets with private IPs or bad TCP
flags,
they can be used for fingerprinting the target system.
I don't see any other reason to see a packet on port 0.

Alain


--
To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact
listmaster@lists.debian.org

Reply to:

Follow-Ups:
- Re: Access on Port 0
  - From: Thiemo Nagel <thiemonagel@gmx.de>

References:
- Re: Access on Port 0
  - From: Ben Pfaff <blp@cs.stanford.edu>
- Re: Access on Port 0
  - From: Wade Richards <wade@wabyn.net>
- Re: Access on Port 0
  - From: Alain Tesio <alain@onesite.org>

Prev by Date: [OT] named logs
Next by Date: Re: [OT] named logs
Previous by thread: Re: Access on Port 0
Next by thread: Re: Access on Port 0
Index(es):
- Date
- Thread