From owner-freebsd-hackers Tue Jul 20 8:29:33 1999 Delivered-To: freebsd-hackers@freebsd.org Received: from mail.camalott.com (mail.camalott.com [208.203.140.2]) by hub.freebsd.org (Postfix) with ESMTP id 3D5DE15311 for ; Tue, 20 Jul 1999 08:29:25 -0700 (PDT) (envelope-from joelh@gnu.org) Received: from detlev.UUCP (tex-35.camalott.com [208.229.74.35]) by mail.camalott.com (8.8.7/8.8.7) with ESMTP id KAA24259 for ; Tue, 20 Jul 1999 10:32:04 -0500 Received: (from joelh@localhost) by detlev.UUCP (8.9.3/8.9.3) id LAA00999; Thu, 15 Jul 1999 11:26:11 -0500 (CDT) (envelope-from joelh) To: Matthew Dillon Cc: Stephen Hocking-Senior Programmer PGS Tensor Perth , hackers@FreeBSD.ORG, shocking@bandicoot.prth.tensor.pgs.com Subject: Re: Setting up a firewall with dynamic IPs References: <199907140116.JAA15266@ariadne.tensor.pgs.com> <199907140206.TAA85713@apollo.backplane.com> From: Joel Ray Holveck Date: 15 Jul 1999 11:26:11 -0500 In-Reply-To: Matthew Dillon's message of "Tue, 13 Jul 1999 19:06:40 -0700 (PDT)" Message-ID: <86r9m9hobg.fsf@detlev.UUCP> Lines: 15 X-Mailer: Gnus v5.5/Emacs 20.3 Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > Usually if a connection succeeds the firewall isn't stopping it > at all. How is nmap figuring out the service type? I assume by > making a connection and probing it. Nothing so elegant. It uses /etc/services. Most of its scans never finish opening the connection. (This is why it will normally mislabel RPC services; if in doubt, use rpcinfo.) joelh -- Joel Ray Holveck - joelh@gnu.org Fourth law of programming: Anything that can go wrong wi sendmail: segmentation violation - core dumped To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message