Nmap Announce mailing list archives
Re: Are these signatures nmap?
From: Max Vision <vision () whitehats com>
Date: Mon, 22 May 2000 22:59:06 -0700 (PDT)
On Tue, 23 May 2000, Denis Ducamp wrote:
On Mon, May 22, 2000 at 08:25:19AM -0500, Lance Spitzner wrote:Recently my network was scanned. I do not think this was nmap. If not, does anyone have any idea which tools this was?I have no idea which "scanner" it is but I couldn't use such paquets to scan a host. Tried against linux 2.2.13 and WinNT4SP5 but none of them replied. I don't think that it's a port scanner.
Ditto- when I first saw this post I whipped up a portscanner that would yield the exact same signature. It doesn't seem to elicit any response, to closed or open ports. Tried against windows, linux, solaris, openbsd, routers... I didn't expect a response, but then, now I've verified it. Looks like netjunk, someone messing around? :) 05/22-22:58:26.575900 xxx.xxx.xxx.xxx:31337 -> xxx.xxx.xxx.xxx:23 TCP TTL:64 TOS:0x10 ID:242 DF ***FRP** Seq: 0xA1D95 Ack: 0x53 Win: 0x400 Max
Current thread:
- First ever Nmap-Hackers User Survey Fyodor (May 21)
- Are these signatures nmap? Lance Spitzner (May 22)
- Re: Are these signatures nmap? Denis Ducamp (May 22)
- Re: Are these signatures nmap? Max Vision (May 22)
- Re: Are these signatures nmap? Denis Ducamp (May 22)
- Are these signatures nmap? Lance Spitzner (May 22)