[Bug 78] -m psd -j TARPIT returns all ports open from nmap

bugzilla-daemon@netfilter.org
Thu, 17 Apr 2003 15:47:58 +0200


https://bugzilla.netfilter.org/cgi-bin/bugzilla/show_bug.cgi?id=78





------- Additional Comments From tools@die.net  2003-04-17 15:47 -------
Showing any ports open that are sent to it is the normal function of the TARPIT
target.  The psd match will start routing all ports to it after it decides that
an IP is portscanning, so this is the expected behavior.

That being said, the psd match won't route any TCP ACK packets to the specified
target.  It seems to be trying to do this to keep from affecting outgoing
connections, but its methodology is incompatible with the TARPIT target.  The
TARPIT target needs ACK packets to sustain the connection.  Without them, the
client will drop the connection quickly.



