Forum Discussion

Nimbostratus

Oct 23, 2008

Unused ports respond to port scan

We're in the process of nailing down open ports on our network. We've found that if we do a port scan on an LTM VIP with a defined port, all the unused ports will responded with an ACK then Reset, wh...

config

design

hooleylist

Cirrostratus

Oct 27, 2008

I'm pretty sure TCP RFCs dictate that LTM or any host send an ACK of the previous packet and a RST if the port isn't in a listening state. I'm not sure if this is configurable within the internal database. I didn't see any keys which looked related in a quick search of the database (b db list|less -i).

You could potentially define packet filters (Click here) to drop packets to undefined ports. That would probably get fairly tedious to configure though. Or you could do this on an upstream firewall.

Aaron

Forum Discussion

Unused ports respond to port scan

Recent Discussions

Rundeck ansible F5 errors

What is the meaning is 52% block in WAF

rewrite Azure AD response for portal access via web portal

AS3 Monitoring multiple ports selectively

Open Redirection Mitigation

Related Content

Quick and dirty shell script to find unused certificates

Large payload post requests aren't responding

Change cookie domain in HTTP::respond

Gzip content when using HTTP::respond

OCSP Responder