Usually used to map firewall rulesets and distinguish between stateful and statelessfirewalls, this scan type sends ACK packets to a host. If an RST comes back,the port is classified ”unfiltered” (that is, it was allowed to send its RST throughwhatever firewall was in place). If nothing comes back, the port is said to be”filtered”. That is, the firewall prevented the RST coming back from the port.
This scan type can help determine if a firewall is stateless (just blocks incomingSYN packets) or stateful (tracks connections and also blocks unsolicited ACKpackets).Note that an ACK scan will never show ports in the ”open” state, and so itshould be used in conjunction with another scan type to gain more informationabout firewalls or packet filters between yourself and the victim.10
Comments :
Post a Comment