October 2016
Beginner to intermediate
650 pages
14h 43m
English
As mentioned in many books, including this one, people often forget about UDP. Often, this is partly because the response from scans against UDP services often lies. Return data from tools such as nmap and scapy can provide responses for ports that are actually open, but reported as Open|Filtered.
As an example, research on a host indicates that a TFTP server may be active on it based on the descriptive banner of another service, but scans using nmap point to the port as open|filtered.
The following figure, shows the response for the UDP service TFTP as open|filtered, as described preceding, even though it known to be open:
This means that the port may actually be open, ...
Read now
Unlock full access