[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <e024ccca0608151345i34c77a06mcfe3760909a2b824@mail.gmail.com>
Date: Tue, 15 Aug 2006 16:45:57 -0400
From: "Dude VanWinkle" <dudevanwinkle@...il.com>
To: "Julio Cesar Fort" <julio@...slabs.com.br>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: Re: ICMP Destination Unreachable Port
Unreachable
On 8/15/06, Julio Cesar Fort <julio@...slabs.com.br> wrote:
> Dude VanWinkle,
>
> > <snip>
> > -----------------------------
> > Looks to me like they are using port 0.
> > http://www.grc.com/port_0.htm
> > -JP
>
> *NEVER TRUST* Steve Gibson. I bet he smokes crack. See
> http://attrition.org/errata/charlatan.html#gibson for more details.
thanks for the tip!
Still, I cant seem to help but think there is something to this port 0 thingy
http://www.networkpenetration.com/port0.html
<snip>
3. Port 0 OS Fingerprinting
---------------------------
As port 0 is reserverd for special use as stated in RFC 1700. Coupled
with the fact that this port number is reassigned by the OS, no
traffic should flow over the internet using this port. As the
specifics are not clear different OS's have differnet ways of handling
traffic using port 0 thus they can be fingerprinted.
--------------------------------------------
I guess that is just a reaction to traffic and not actual traffic via
port 0, but still nifty info
-JP
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists