[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] UDP wide open?!?!?



On Thu, Oct 31, 2002 at 12:46:37AM +0100, Mathias Homann wrote:
> > As for "UDP wide open": Did you consider the fact that every filtered
> > UDP port is reported as "open" by an nmap scan?
> 
> AH! now THAT is the bit of information I was looking for!

nmap will report everything as "open" for which it doesn't
receive an explicit ICMP_PORT_UNREACH. Unless you've configured
your firewall to REJECT instead of DROP, nmap will not see any
responses at all.

Olaf
-- 
Olaf Kirch     |  Anyone who has had to work with X.509 has probably
okir@xxxxxxx   |  experienced what can best be described as
---------------+  ISO water torture. -- Peter Gutmann

-- 
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here