[prev in list] [next in list] [prev in thread] [next in thread] 

List:       nmap-dev
Subject:    Re: SYN Scan values - article
From:       Martin =?iso-8859-2?Q?Ma=E8ok?= <martin.macok () underground ! cz>
Date:       2006-06-25 13:45:55
Message-ID: 20060625134555.GA17067 () josefina ! dcit ! cz
[Download RAW message or body]

On Sun, Jun 25, 2006 at 12:16:19AM -0400, kx wrote:

> Does anyone have any packet logs to say how often the DF bit is set
> in the first SYN. I think I was seeing it always set on Linux and
> Windows XP.

More systems sets the DF bit but there are also some firewalls that
clear it while forwarding the traffic.

> Re: the RSTs, is it better to allow the host OS to send RSTs or not?

I think it is better to allow it. This was already discussed last
year, check this thread:
http://seclists.org/lists/nmap-dev/2005/Jan-Mar/0007.html
http://seclists.org/lists/nmap-dev/2005/Jan-Mar/0003.html

Martin Mačok
ICT Security Consultant


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev

[prev in list] [next in list] [prev in thread] [next in thread]