portscan: update manpage about --grscan caveats

Jan Engelhardt
2009-01-10 05:23:43 +01:00
parent 598c7ede37
commit 31c01cf107


@@ -20,7 +20,11 @@ connection was torn down after completion of the 3-way handshake.
\fB--grscan\fR \fB--grscan\fR
Match if data in the connection only flew in the direction of the remote side, Match if data in the connection only flew in the direction of the remote side,
e.g. if the connection was terminated after a locally running daemon sent its e.g. if the connection was terminated after a locally running daemon sent its
identification. (e.g. openssh) identification. (E.g. openssh, smtp, ftpd.) This may falsely trigger on
warranted single-direction data flows, usually bulk data transfers such as
FTP DATA connections or IRC DCC. Grab Scan Detection should only be used on
ports where a protocol runs that is guaranteed to do a bidirectional exchange
of bytes.
.PP .PP
NOTE: Some clients (Windows XP for example) may do what looks like a SYN scan, NOTE: Some clients (Windows XP for example) may do what looks like a SYN scan,
so be advised to carefully use xt_portscan in conjunction with blocking rules, so be advised to carefully use xt_portscan in conjunction with blocking rules,
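Review bot: In the sentences added under \fB--grscan\fR, the advice that "Grab Scan Detection should only be used on ports where a protocol runs that is guaranteed to do a bidirectional exchange of bytes" does not say how to limit the match. Consider stating that the rule should be combined with a port match, so that it is never evaluated for the FTP DATA or IRC DCC connections named as false-positive sources. The example list "(E.g. openssh, smtp, ftpd.)" mixes an implementation, a protocol and a daemon name, and the capitalised "E.g." inside parentheses reads oddly; naming one kind of thing consistently (protocols or daemons) would be clearer. The unchanged context line still says data "flew" in the direction of the remote side; since this paragraph is being touched anyway, "flowed" could be fixed in the same commit.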