A SYN scan is a "half open" scan:
http://www.google.com/search?hl=en&q=nessus+syn+scan+half+open&btnG=Google+Search
http://www.edgeos.com/nessuskb/results.cgi?gui_section=&kw=generate&nessusrc_section=
From the scond URL, under SYN:
"This technique is often referred to as "half-open" scanning, because
you do not open a full TCP connection. You send a SYN packet, as if
you are going to open a real connection and you wait for a response. A
SYN|ACK indicates the port is listening. A RST is indicative of a non-
listener. If a SYN|ACK is received, a RST is immediately sent to tear
down the connection (actually our OS kernel does this for us). The
primary advantage to this scanning technique is that fewer sites will
log it."
On Apr 8, 2008, at 4:13 PM, francesco sottini wrote:
How can i set the SYN scan "half open"?
remember that i am using the nessus server...
thanks!
On Tue, Apr 8, 2008 at 7:07 PM, Michel Arboi <mikhail@nessus.org>
wrote:
Le Tue, 8 Apr 2008 18:06:35 +0200,
"francesco sottini" <francesco.sot@gmail.com> a écrit :
> Nmap with Xmas tree scan setted, i obtain that whatever port number
> i scan, it is open and no other information.
That's normal if the machine is unresponsive.
Xmas Tree portscan is useless for a vulnerability audit. Use SYN "half
open" scan or full TCP scan.
--
Francesco S. _______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
