FIN is the finish data packet.
Attacker => FIN => Target
case 1: port open
Error message by deamon
case 2: port closed
No response
The output is similar to the TCP and SYN scan.
Pros and cons :
Stealth : good stealth as no connection is established with the target host
Not accurate :The scan is not reliable with non Inix systems
Countermeasures :
This type of scan can be blocked using simple firewall or route rule that blocks all FIN packets from systems which have no connection
FIN scan using Nmap
nmap -SF -P 1-200 www.target.com
Support The Ethical Hacker !! - Click Here If You Like My Contents !!!
Friday, November 13, 2009
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment