GCIH Exam - Question 55


In the network logs there are ACK/FIN/PSH/URG packets from a host going to a closed port, and SYN/FIN/URG/PSH packets going to open ports. What is the host likely doing?

Correct Answer: AB

The presence of specific TCP flags such as ACK, FIN, PSH, and URG in packets sent to closed ports, and SYN, FIN, URG, and PSH flags in packets sent to open ports, suggests that the host is attempting to gather detailed information about the network and the characteristics of the devices on it. This pattern is indicative of active OS fingerprinting, where the host sends various combinations of flags to different ports to analyze the responses and determine the operating system of the target machine.
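
As an added illustration (not part of the original question or its explanation), the following Python example shows how a defender could spot the flag pattern described above in connection logs by flagging any source that sends several distinct crafted flag combinations to the same host. The log layout, addresses, timestamps, and function names are assumptions constructed for this example; beyond the two combinations named in the question it also treats any packet with both SYN and FIN set as crafted, since those flags do not appear together in normal TCP traffic.

```python
import re
from collections import defaultdict

# Flag combinations named in the question (S=SYN F=FIN P=PSH U=URG A=ACK).
PROBE_COMBOS = {frozenset("AFPU"), frozenset("SFPU")}

# Assumed log layout, constructed for this example (not a real tool's format).
LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<src>[\d.]+):\d+ > "
    r"(?P<dst>[\d.]+):(?P<dport>\d+) flags=(?P<flags>[SFPUAR]+)$"
)

# Constructed sample traffic: one normal session, one prober, one stray packet.
SAMPLE_LOG = """\
2024-03-26T10:00:01Z 10.0.0.7:51000 > 192.0.2.10:443 flags=S
2024-03-26T10:00:01Z 10.0.0.7:51000 > 192.0.2.10:443 flags=A
2024-03-26T10:00:02Z 10.0.0.7:51000 > 192.0.2.10:443 flags=PA
2024-03-26T10:00:03Z 10.0.0.5:40001 > 192.0.2.10:80 flags=SFPU
2024-03-26T10:00:03Z 10.0.0.5:40002 > 192.0.2.10:81 flags=AFPU
2024-03-26T10:00:04Z 10.0.0.9:40100 > 192.0.2.20:22 flags=SFPU
2024-03-26T10:00:05Z 10.0.0.7:51000 > 192.0.2.10:443 flags=FA
garbage line that does not parse
"""

def is_crafted(flags):
    """True for the question's two probe combinations, or any SYN+FIN packet."""
    return flags in PROBE_COMBOS or {"S", "F"} <= flags

def find_fingerprinters(lines, min_distinct=2):
    """Return sources that sent >= min_distinct crafted combos to one host."""
    seen = defaultdict(set)  # (src, dst) -> distinct crafted flag sets
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # skip lines that do not match the assumed layout
        flags = frozenset(m["flags"])
        if is_crafted(flags):
            seen[(m["src"], m["dst"])].add(flags)
    return sorted({src for (src, _), combos in seen.items()
                   if len(combos) >= min_distinct})

if __name__ == "__main__":
    print(find_fingerprinters(SAMPLE_LOG.splitlines()))
```

Requiring two distinct combinations per destination keeps a single malformed packet from raising an alert; lowering `min_distinct` to 1 trades that for sensitivity.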

Discussion

tp9222 (Option: A)
Mar 26, 2024

Ans should be A