Nmap Development mailing list archives

Re: udp port 53 (domain)


From: jah <jah () zadkiel plus com>
Date: Sat, 26 Jan 2008 13:59:19 +0000

On 26/01/2008 03:17, Kris Katterjohn wrote:
> jah wrote:
>> Hi!
>>
>> I hope the nearly-new year is treating everybody kindly.
>>
>> On 24/01/2008 16:12, in Re: PortBunny - FX and Fabs at 24C3 - UDP
>> Results, Robert E. Lee wrote:
>>> *** Note: Missed port 53 UDP
>>
>> On the subject of this port, I often do not get a response from
>> probes to this port even with version detection.  Has anyone else
>> noticed that?
>
> I frequently receive replies from 53/udp when using version detection,
> but I don't think I've ever had a response without it.

I think I may have been too hasty when I said "even with version
detection" because I've since found that I too get responses with it.
The behaviour I've seen may well be a result of scanning large numbers
of udp ports and possibly triggering IPS before version detection gets a
crack at the port.  I'll keep this in mind in future and try and come up
with something more concrete.

jah


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org

