A penetration tester runs the command nmap -sF -p 80 192.168.1.1 against a Windows host and receives a response RST packet. What conclusion can be drawn on the status of port 80?

A penetration tester runs the command nmap -sF -p 80 192.168.1.1 against a Windows host and receives a response RST packet. What conclusion can be drawn on the status of port 80?

  • port 80 is open
  • port 80 is closed
  • undetermined as this is a default response on a Windows system
  • port 80 is open/filtered
Explanation & Hints:

A TCP FIN scan is not useful when scanning Windows-based systems, as they respond with RST packets, regardless of the port state. The normal implication of an RST message would indicate a closed port. Since this is a Windows-based system, it will always respond with an RST message regardless of the port state.

For more Questions and Answers:

Ethical Hacker Course Final Exam Answers Full 100%

Leave a Reply