Basic HTML version of Foils prepared May 19 99

Foil 24 Port Scanners (4)

From Computer Crimes: Examples of Network Security attacks Tango Group Internal Technology Seminars -- April 23 99. by Roman Markowski


NMAP - http://www.insecure.org/nmap
  • TCP scans - connect to every port with 3-way handshake
  • UDP scans; SYN scans using IP fragments
  • ACK and FIN scans
  • designed to by-pass firewalls and intrusion detection tools
QueSO - http://www.apostols.org/projectz/queso
  • TCP scans with various combinations of TCP flags: SYN, SYN+ACK,FIN, FIN+ACK,SYN+FIN
  • can determine various types of the operating systems, kernel versions



© Northeast Parallel Architectures Center, Syracuse University, npac@npac.syr.edu

If you have any comments about this server, send e-mail to webmaster@npac.syr.edu.

Page produced by wwwfoil on Mon Aug 16 1999