[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <200608161233.28618.barrie@reboot-robot.net>
Date: Wed, 16 Aug 2006 12:33:13 +0100
From: Barrie Dempster <barrie@...oot-robot.net>
To: full-disclosure@...ts.grok.org.uk
Subject: Re: Re: ICMP Destination Unreachable Port
Unreachable
<off list>
On Tuesday 15 August 2006 21:45, Dude VanWinkle wrote:
> Still, I cant seem to help but think there is something to this port 0
> thingy
>
> http://www.networkpenetration.com/port0.html
>
> <snip>
>
> 3. Port 0 OS Fingerprinting
> ---------------------------
> As port 0 is reserverd for special use as stated in RFC 1700. Coupled
> with the fact that this port number is reassigned by the OS, no
> traffic should flow over the internet using this port. As the
> specifics are not clear different OS's have differnet ways of handling
> traffic using port 0 thus they can be fingerprinted.
>
Although the port 0 in this case is a red herring and irrelevant. Port 0
itself when used with TCP/UDP (not ICMP!) can actually be used on the
Internet. A while back I modified netcat and my linux kernel so that it would
allow usage of port 0 and was able to connect to a remote machine via TCP
with that port and communicate fine.
A few routers, especially those with firewalling abilities, such as those
commonly used in SOHOs, reject the packets silently.
In short port 0 is "reserved" most OSs use it to mean "random" (but this is
not defined behaviour in an RFC, more of a tradition). If you do send out
port 0 packets though, many routers will allow them.
--
With Regards..
Barrie Dempster (zeedo) - Fortiter et Strenue
- http://reboot-robot.net -
"He who hingeth aboot, geteth hee-haw" Victor - Still Game
Download attachment "smime.p7s" of type "application/pkcs7-signature" (1902 bytes)
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists