lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Tue, 15 Aug 2006 16:45:57 -0400 From: "Dude VanWinkle" <dudevanwinkle@...il.com> To: "Julio Cesar Fort" <julio@...slabs.com.br> Cc: full-disclosure@...ts.grok.org.uk Subject: Re: Re: ICMP Destination Unreachable Port Unreachable On 8/15/06, Julio Cesar Fort <julio@...slabs.com.br> wrote: > Dude VanWinkle, > > > <snip> > > ----------------------------- > > Looks to me like they are using port 0. > > http://www.grc.com/port_0.htm > > -JP > > *NEVER TRUST* Steve Gibson. I bet he smokes crack. See > http://attrition.org/errata/charlatan.html#gibson for more details. thanks for the tip! Still, I cant seem to help but think there is something to this port 0 thingy http://www.networkpenetration.com/port0.html <snip> 3. Port 0 OS Fingerprinting --------------------------- As port 0 is reserverd for special use as stated in RFC 1700. Coupled with the fact that this port number is reassigned by the OS, no traffic should flow over the internet using this port. As the specifics are not clear different OS's have differnet ways of handling traffic using port 0 thus they can be fingerprinted. -------------------------------------------- I guess that is just a reaction to traffic and not actual traffic via port 0, but still nifty info -JP _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists