What pattern should we expect (in a packet header dump) from a host that is port scanning another host ? – Digitalmunition




Home Forums What pattern should we expect (in a packet header dump) from a host that is port scanning another host ?

This topic contains 1 reply, has 2 voices, and was last updated by  Praxxer1 1 month, 3 weeks ago.

  • Author
    Posts
  • #334329

    anonymous
    Participant

    I have a dump of packet headers, and I am supposed to find a host that is port scanning another host, what patterns should I be looking for ?

    Thanks in advance guys.

  • #334330

    Praxxer1

    If I were to guess, probably “SYN” or “ACK” flags sent to every port 1-65535, without a successful connection made.

    But I’m not sure.

You must be logged in to reply to this topic.