18,356
社区成员
发帖
与我相关
我的任务
分享请发表友善的回复…
发表回复
DarkShow 2003-09-10
- 打赏
- 举报
关注中。。
sevencat 2003-09-10
- 打赏
- 举报
udp先CONNECT,再发送,假如出错的话就会收到那条目的端口怎么怎么啦的消息.
假如不执行CONNECT的话就不会受到那些ICMP消息.
假如不执行CONNECT的话就不会受到那些ICMP消息.
fengge888 2003-09-10
- 打赏
- 举报
同意 singlehero(傲剑狂刀)
loucai 2003-09-09
- 打赏
- 举报
学习
singlehero 2003-09-09
- 打赏
- 举报
接收ICMP报文啊,然后解包,只要ICMP报文的代码类型为3,代码为3就是了。
要注意是不是这个进程发来的啊。
要注意是不是这个进程发来的啊。
cernet 2003-09-09
- 打赏
- 举报
学习
vcforever 2003-09-09
- 打赏
- 举报
扫描一下吧!
利用网络通信的三次握手!
用connect函数不停的连接对方,直到找到一个打开的端口为止!
利用网络通信的三次握手!
用connect函数不停的连接对方,直到找到一个打开的端口为止!
schuyler 2003-09-05
- 打赏
- 举报
怎么接受目标端口的"ICMP port unreachable"消息啊?
approach 2003-08-13
- 打赏
- 举报
向目标端口发送一个UDP分组。如果目标端口以“ICMP port unreachable”消息响应,那么说明该端口是关闭的;反之,如果没有收到“ICMP port unreachable”响应消息,则可以肯定该端口是打开的。由于UDP协议是面向无连接的协议,这种扫描技术的精确性高度依赖于网络性能和系统资源。另外,如果目标系统采用了大量分组过滤技术,那么UDP扫描过程会变得非常慢。如果你想对Internet进行UDP扫描,那么你不能指望得到可靠的结果。
approach 2003-08-13
- 打赏
- 举报
Port numbers 0 through 1023 are well-known ports that systems administrators usually use for only system processes or for programs that privileged users are running. If attackers exploit a well-known port, they can potentially gain control of a server.
In an effort to compromise a network, attackers use several generic schemes to scan ports. The following examples focus on TCP and UDP scanning:
TCP connect() scanning is the most basic form of TCP scanning. An attacker's host issues a connect() system call to every interesting port on the target machine. If the port is listening, connect() will succeed; otherwise, the port is unreachable and the service is unavailable. This attack scheme is fast and doesn't require any special privileges; however, port scanner can easily detect and block this attack at the target system.
UDP Internet Control Message Protocol (ICMP) port unreachable scanning is one of the few UDP scans. UDP is a connectionless protocol, so it's harder to scan than TCP because UDP ports aren't required to respond to probes. Most implementations generate an ICMP port unreachable error when a user (or intruder) sends a packet to a closed UDP port. Thus, a lack of a response indicates an active port. Unfortunately, UDP port scanning is not as reliable as TCP port scanning. If you have a firewall between you and the internet that blocks UDP traffic by simply dropping the packet, and sends no response, our port scan will detect this as an indication of an open port.
In an effort to compromise a network, attackers use several generic schemes to scan ports. The following examples focus on TCP and UDP scanning:
TCP connect() scanning is the most basic form of TCP scanning. An attacker's host issues a connect() system call to every interesting port on the target machine. If the port is listening, connect() will succeed; otherwise, the port is unreachable and the service is unavailable. This attack scheme is fast and doesn't require any special privileges; however, port scanner can easily detect and block this attack at the target system.
UDP Internet Control Message Protocol (ICMP) port unreachable scanning is one of the few UDP scans. UDP is a connectionless protocol, so it's harder to scan than TCP because UDP ports aren't required to respond to probes. Most implementations generate an ICMP port unreachable error when a user (or intruder) sends a packet to a closed UDP port. Thus, a lack of a response indicates an active port. Unfortunately, UDP port scanning is not as reliable as TCP port scanning. If you have a firewall between you and the internet that blocks UDP traffic by simply dropping the packet, and sends no response, our port scan will detect this as an indication of an open port.
