Full Disclosure mailing list archives
ICF scan
From: isa vaul <nonleft () gmx net>
Date: Tue, 29 Jul 2003 10:41:32 +0200
Hi list,This might not be the right place for it, but I thought maybe some of you guys had an explanation for the following. I was playing around with my XP box and scanned myself with the ICF in place and without.
ICF-scan: * + 127.0.0.1 |___ 135 DCE endpoint resolution |___ 389 Lightweight Directory Access Protocol |___ 1720 h323hostcall |___ 3001 Redwood Broker |___ 3002 EXLM Agent without: * + 127.0.0.1 |___ 135 DCE endpoint resolutionSo as I understand the functionality of ICF (default adjustments) it should prevent every connection towards my computer unless the connection has been established by a process on my side (ACK, SYN/ACK). But why there are more open ports with ICF than without?
Thanks for any suggestions in advance. Kind Regards Nonleft _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- ICF scan isa vaul (Jul 29)
- RE: ICF scan Mortis (Jul 29)