What is the motivation behind SYN/FIN scanning?
What is the motivation behind SYN/FIN scanning?
The crafted SYN/FIN packet sometimes gets past firewalls and filtering routers. SYN/FIN scanning tries to exploit the fact that some firewalls and routers may not properly filter packets with both SYN and FIN flags set, thereby allowing attackers to map out the network and identify open ports.
Right answer is C.
C for this one
I took the exam twice, and these questions were not even in the ballpark for the GSEC. A moderator may not show my comment here. These questions are ancient.
C senor
A. The SYN/FIN combination is useful for signaling to certain Trojans. This is not correct, as the SYN/FIN combination is not generally used to communicate with Trojans. B. SYN/FIN packets are commonly used to launch denial of service attacks against BSD hosts. This is not correct, SYN/FIN packets are not a common method for DoS attacks. C. The crafted SYN/FIN packet sometimes gets past firewalls and filtering routers. This is correct. SYN/FIN scanning utilizes crafted packets with both the SYN and FIN flags set to bypass firewall rules. D. A SYN/FIN packet is used in session hijacking to take over a session. This is not correct, session hijacking typically involves predicting TCP sequence numbers, not using SYN/FIN packets. So the correct option is C.