| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <473A276F.10000@snosoft.com> Date: Tue, 13 Nov 2007 17:38:39 -0500 From: Simon Smith <simon@...soft.com> To: Kelly Robinson <caliana1989@...il.com> Cc: full-disclosure@...ts.grok.org.uk Subject: Re: Crafted SYN Packets... Kelly, SYN packets and ports do not correlate. And yes, SYN is TCP. You should read up on TCP/IP etc so that you understand protocols before posting to mailing lists. Kelly Robinson wrote: > Looking at some suspicious behaviour in our logs... > > If someone sends a packet with the SYN bit set to a host, typically what > is the client's source port? Or is that crafted too? > > And additionally, when a client does sent a packet of this type, am I > right in assuming its generally TCP only? Can you have a UDP SYN packet? > I assume because its connectionless, no??? > > > ------------------------------------------------------------------------ > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ -- - simon ---------------------- http://www.snosoft.com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists