31 Oct
2002
31 Oct
'02
06:26
Mathias Homann wrote:
Hi,
after a nmap run against my 'wall I found ALL ports except one for UDP wide open!!!
Hi! The reason for this is the behaviour of udp-Connections and the way nmap handles this. Nmap tries to establish a connection to the udp-ports for the scan. Due to the nature of udp (connectionless) nmap just sends the udp-packet und waits for the RST-Packet returned in "normal" cases. The default behaviour of SuSEfirewalls is to drop the packets. Thus nmap doesn't get the RST-Packet it is waiting for and assumes the port is open und has a listener. You have two choices: 1.) Change the behaviour of the SuSEfirewall from Drop to Reject. 2.) Believe in SuSE :) Regards Ralf Schumacher