ࡱ;   !"#$%&'()*+,-./0123456789:;<=>?@ABDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~Root Entry  !r\V)䰱 PresentationStarImpress 5.0 I Hp @I@I HTIHF|VMH H HSfxDocumentInfo  T1D }1d {1 Info 0 Info 1 Info 2 Info 3 }1;e<44Standard LIBIMBEDDED LIBIMBEDDED1,,,1SBX sb : Standard StarBASICSBX ARSBX AR SBX ARSBX OBc BasicLibrariesBasicLibrariesSBX ARSBX AR SBX ARSBX OBe DialogLibrariesDialogLibrariesSBX ARSBX AR SBX AR2c%bqqOh+'0 h t 209@g@k N@ @dXOutdevItemPool 1   )     &'()*+,-./06789:;UVWXYZ[\]c !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstt      !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefd0>'@q<XX'4@Dashed 1X':@2XXXX&' @'X'E@xArrow X'E@Arrow X'.@,XXX'"@-,XX'@UXX'@xX@X@X'@8XX'b@D̙6XX X2XD'@@ Gradient 1ddX'2@ Hatching 1X'*@Bitmap 1BMvv(@@SD@x^SI 0 s\ z 46ZBn8x)1̔.<觔B+̄ ޢ40:prf |q]~+H~|WFMbP@aoCē[ȡz6~U{߃XFXNXVX^XfXnXvX~XXXJJ@3  R5-0)g% 50 A P) / 0 .03XXXX&X.X6X>XFXNXVX^XfXnXvX~XXKK@ =XXMM"@ XXNN"@ XXOO"@! XXPP"@O XXQQ(@ !XXXUU@ XVV2@ XXXX @X@$X@DX@dX@X@dX@X@X@X*"@3X @ '''' ' ' ' XXX X&X,XDXJXVXbXn @ {''''''' '' '' '' XXX&X2X>XPX\XnXX**<@   XXXX X&77\@7    ,,,,XXXX X&X,X8HH@+'g*@'A' ' g*@'A' +'' g*@'A' +'' <(@' <(@'+'+''   g*<(@'+' g* @'1'+'' <(@' g*  <(@'"A' 1'+''!'''''''''%' <(@'' <(@'" g*  <(@'A' +'''XXX>XhXXXXXXXXX@XXXXXff @ JJKKQQVV IIJJKKMMNNOOPPQQUUVV IIJJKKMMNNOOPPQQUUVV IIJJKKMMNNOOPPQQUUVVIIJJKKIIJJKKQQVVIIQQVVJJKK JJKK  IIJJKKMMNNOOPPQQUUVV  IIJJKKMMNNOOPPQQUUVV IIJJ KK  IIJJ KKMMNNOOPPQQUUVVIIJJ KKIIJJ KK IIJJ KKMMNNOOPPQQUUVVIIJJ KKII JJ KK II JJKKMMNNOOPPQQUUVVII JJ KK II JJKKMMNNOOPPQQUUVVII JJ KK IIJJKKMMNNOOPPQQUUVVIIJJKKIIJJ IIJJKKMMNNOOPPQQUUVV IIJJ KKMMNNOOPPQQUUVVIIJJ KK IIJJ KKMMNNOOPPQQUUVVIIJJKKIIJJ KKXX,XnXXX X"X4XLX^XpXXX XNXfX~XXXX2XJXXXXXXRXXXXP@ *X8x;;[{_2Rt7WwFfT6 ^  J i  ' G i b F PJEditEngineItemPool 6fC0Z_g* v3@ SO "X2StarBats -"2StarBats -"2StarBats -"` ` 2StarBats -" 2StarBats -"2StarBats -"hh2StarBats -"2StarBats -"2StarBats -"pp2StarBats - "2StarBats -"2StarBats -"2StarBats -"` ` 2StarBats -" 2StarBats -"2StarBats -"hh2StarBats -"2StarBats -"2StarBats -"pp2StarBats - "2StarBatsN8"2StarBatsNd"g 2StarBatsNd"]` 2StarBatsNd"S 2StarBatsNd"S2StarBatsNd"Sh2StarBatsNd"S2StarBatsNd"S2StarBatsNd"Sp2StarBatsNd  "2StarBatsN*"2StarBats-"2StarBats-"` ` 2StarBats-" 2StarBats-"2StarBats-"hh2StarBats-"2StarBats-"2StarBats-"pp2StarBats- "2StarBatsNd"2StarBatsNd"g 2StarBatsNd"]` 2StarBatsNd"S 2StarBatsNd"S2StarBatsNddd"Sh2StarBatsNddd"S2StarBatsNddd"S2StarBatsNddd"Sp2StarBatsNddd H2StarBats d2StarBats dg 2StarBats d]` 2StarBats dS 2StarBatsdS2StarBats,,dSh2StarBatsdS2StarBatsdS2StarBats d "2StarBatsNd"2StarBatsNd"g 2StarBatsNd"]` 2StarBatsNd"S 2StarBatsNd"S2StarBatsN d"Sh2StarBatsNd"S2StarBatsNd"S2StarBatsN d"Sp2StarBatsN d "2StarBatsN-"2StarBats-"2StarBats-"` ` 2StarBats-" 2StarBats-"2StarBats-"hh2StarBats-"2StarBats-"2StarBats-"pp2StarBats-  d"}2StarBats -V 2StarBats K"2StarBats -` 2StarBats K"d 2StarBats -"d2StarBats dd-"dh2StarBats dd-"d2StarBats dd-"2StarBats-  "2StarBatsNd"2StarBatsN,"g 2StarBatsNd"]` 2StarBatsNd"S 2StarBatsNd"S2StarBatsNd"Sh2StarBatsNd"S2StarBatsNd"S2StarBatsNd"Sp2StarBatsNd A  d}2StarBats KV 2StarBats K2StarBats K` 2StarBats Kd 2StarBats Kd2StarBats ddKdh2StarBats ddKd2StarBats ddKd2StarBats ddK   d2StarBats KV 2StarBats K2StarBats K` 2StarBats Kd 2StarBats Kd2StarBats ddKdh2StarBats ddKd2StarBats ddKd2StarBats ddKXXjXX" X~XXX&X"X&X+X&/@O<3XX@Qdddddd-dddx5dddYdddYs dddY  ddd YD dddYDdddYDdddYD8ddd8YDXdddXYDxdddxYD!ddd!YDXX!X4XGX`XyXXXXXXX(XA<( n@ Q=K  XXXX X&X,X2X8X>XD (@S StarSymbol!?- StarSymbol!?d StarSymbol!?-  StarSymbolX!- StarSymbolX!?, StarSymbol!?K StarSymbol!?K  StarSymbol!?KXXIXXXX5XpX@'(c@UJddddddY|` ddd` YdddYdddYpdddpY ddd Y  ddd Y %ddd%Y 0*ddd0*Yddd,dd|dddddddV dddV ddddddddddd Nddd" #dd}d#(dddY}&V dddV Y' dddYXX!X:XSXlXXXXXXXX(X;XNXaXtXXXXXXA'@ Vdddddddd dd  dd dd ddddd#ddddXdXXX&X2X>XJXVXbXnXzX1'@%WdX+'2@WW0XXXX '@t[, , , , , , , ", ', ,, 1, 6, ;, ~@, tE, jJ, `O, VT, LY, B^, 8c, =, 3, ) , , , , , #, (, -, 2, 7, <, A, F, K, P, U, Z, _,  O, E, ; , 1, ', , , #, ', ,, 1, 6, ;, @, E, J, O, T, Y, ^, , , , w, m, c, Y, O#, E(, ;-, 12, '7, <, A, F, J, O, T, Y, ^, , , , , , , , #, (, -, x2, n7, d<, ZA, PF, FK, a! Home~LT~TitelW > azxV4B1eZ#Click to edit the title text format Home~LT~Titel<( (@'DrObaSVDr&W )aVI(Home~LT~Gliederung 1W )aVI xV4B1Z %Click to edit the outline text formatHome~LT~Gliederung 1 <( (@'Second Outline LevelHome~LT~Gliederung 2 <( (@'Third Outline LevelHome~LT~Gliederung 3 <( (@'Fourth Outline LevelHome~LT~Gliederung 4<( (@'Fifth Outline LevelHome~LT~Gliederung 5<( (@'Sixth Outline LevelHome~LT~Gliederung 6<( (@'Seventh Outline LevelHome~LT~Gliederung 7<( (@' Eighth Outline LevelHome~LT~Gliederung 8<( (@' Ninth Outline LevelHome~LT~Gliederung 9<(  (@'  DrXXHomegg ^Home~LT~GliederungDrMP%JoeMVT$mDrML DrObSVDrTlc]SDUDQ DefaultTlDrObSVDrTlc]SDUDQ DefaultTlDrObSVDrTlc]SDUDQ DefaultTlDrObSVDr&5 B"0! Home~LT~Titel5 B"0nxV4B1YZClick to move the slide Home~LT~Titel<( (@'DrObSVDr& 3CG]# Home~LT~Notizen 3CG]wxV4B1bZClick to edit the notes formatHome~LT~Notizen<( (@'DrXXHomegg VHome~LT~GliederungDrPgcJoeM$mVTDrML8DrMD,DrXX Handoutsgg FHome~LT~GliederungDrPgMJoeM$mVTDrML8DrMD,DrObSVDrW > ac]SDUDQ ! Home~LT~TitelW > axV4B1Z UDP Scanning Home~LT~Titel<( (@'+'       DrObfSVDrW )aVIc]SDUDQ  DefaultW )aVIxV4B1pZ John KristoffDefaultg* <( (@' 1'+'   Defaultg* <( (@' 1'+' Defaultg* <( (@' 1'+' +1 312 362-5878Defaultg* <( (@' 1'+' DePaul UniversityDefaultg* <( (@' 1'+' Chicago, IL 60604Defaultg* <( (@' 1'+' DrXXgg JHome~LT~GliederungDrPgkJoeMVT$mDrML8DrMD,DrOb<SVDr&5 B0DrObJSVDr 3CG]c]SDUDQ # Home~LT~Notizen 3CG]kxV4B1VZClick to add notesHome~LT~Notizen<( (@'DrXXgg NHome~LT~GliederungDrPgJoeM$mVTDrML8DrMD,DrObzSVDro Zac]SDUDQ ! Home~LT~Titelo ZaxV4B1ZWhat are we talking about? Home~LT~Titel<( (@'+'DrObSVDrW aGc]SDUDQ ( Home~LT~Gliederung 1W aGxV4B1Z)Remotely probing hosts using UDP messagesHome~LT~Gliederung 1g* <( (@'#))$Comparing UDP, ICMP and TCP scanningHome~LT~Gliederung 1g* <( (@'#$$UDP scanning detailsHome~LT~Gliederung 1g* <( (@'#UDP scanning failure scenariosHome~LT~Gliederung 1g* <( (@'#&How to make UDP scanning more reliableHome~LT~Gliederung 1g* <( (@'#&&Why is this talk important?Home~LT~Gliederung 1g* <( (@'#.A colleague expressed the need for public infoHome~LT~Gliederung 2g* <( (@'&..0But really... to help justify my trip to Hawaii!Home~LT~Gliederung 2g* <( (@'&00DrXXgg NHome~LT~GliederungDrPgmJoeMVT$mDrML8DrMD,DrOb<SVDr&5 B0DrObPSVDr 3CG]c]SDUDQ #Home~LT~Notizen 3CG]qxV4B1\ZClick to add notesHome~LT~Notizen<( (@''DrXXgg JHome~LT~GliederungDrPg6JoeM$mVTDrML8DrMD,DrOb|SVDrW ac]SDUDQ !  Home~LT~TitelW axV4B1ZWhy is this important again? Home~LT~Titel<( (@'+'DrObWSVDrW ^a*Ic]SDUDQ ( Home~LT~Gliederung 1W ^a*IsxV4B1RZDomain Name System (DNS)Home~LT~Gliederung 1g* <( (@'#%Trivial File Transfer Protocol (TFTP)Home~LT~Gliederung 1g* <( (@'#%%4Remote Authentication Dial In User Services (RADIUS)Home~LT~Gliederung 1g* <( (@'#44"Routing Information Protocol (RIP)Home~LT~Gliederung 1g* <( (@'#"")Simple Network Management Protocol (SNMP)Home~LT~Gliederung 1g* <( (@'#))Network Time Protocol (NTP)Home~LT~Gliederung 1g* <( (@'#*Dynamic Host Configuration Protocol (DHCP)Home~LT~Gliederung 1g* <( (@'#**DrXXgg NHome~LT~GliederungDrPgmJoeMVT$mDrML8DrMD,DrOb<SVDr&5 B0DrObPSVDr 3CG]c]SDUDQ #Home~LT~Notizen 3CG]qxV4B1\ZClick to add notesHome~LT~Notizen<( (@''DrXXgg JHome~LT~GliederungDrPgPedJoeM$mVTDrML8DrMD,DrObrSVDrdc]SDUDQ !  Home~LT~TiteldxV4B1ZUDP message format Home~LT~Titel<( (@'+'DrObbSVDrBX$e=c]SDUDQ  DefaultBX$e=&bbNAT5 aJFIF``      !  }!1AQa"q2#BR$3br %&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyzw!1AQaq"2B #3Rbr $4%&'()*56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz ? ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( (K? ~ +s[ 2ziwv"]:c+ tL(%eaߴ?q]yv|7fnvp=⏊$z'g$}٧m.&|bYxgyMߋ?kSkͥVCoȐUn"ܪ» ]+X/ C4z~.]1X{뫇h_g&-cĿ?XѼOg+#؞o߱7mWh)<_ >*~G'{GeH!b*,r4P):-/ʹzkCw aw -xl>(i_gccӮ67u4n+}2[V)qw h`YdXdA6i~w6žig%մsP$2[w*¼G_߳{x{O~DO֬cxH-]^EH L𞣮 <3xßTҬ}jؗBqgɔ^jp]yOj gcz'juޕiojϦGtחGl[$. mmmqss"3O4qA6i~w6žig%մsP$2[w*¼'Cx/ 5W==gU+ox{8RYGH#$]w'w/|xߊτ}+Fl^(M/Nn {ح6/eq+w(A@@WWq~ ☼C_ B[ǣǬXmOtG K#)dG|Q{[|;x }@($,.NfxeWx˜sGWv[\K#\|1_<)x/¾6:/i[{ ’ 5W==gU+ox{8RYGH#$q Ϗ? j]ψl!{Gԭ-`[[Kk&c\?(?XKVּc[]WTnlú dY..n"f""G?ak /Fկd.[uWŶ+Ѯ#{MRKKurDd1H$n+1|aS?O ~;}@vkuI)"c8b[d` A_ƞ20x??k| _m72YDD[fh(䅥1HP/Ꮒ/AMC1xƾGYm};J(GR#<<]OSW|^j`:Gb,2}Lnn~U!`+?߃>[?% 6(?zƫ-7ͥ+ Gvr|mxѼwojUtn!P/4U E=[{y P?i?x}g޴uo[s&k:ޣ+{}"9n$e,ně}ᇎb"Ri_ؚ{T[CoΑ~󔍧]^(^HnB W~2|c+x\/^uţpXYyZ+։ZK}.@J|:q|]Ѯ)xVO~5o(WiZn S&8˴ZH!}B>_ i|=¿&o:Ʃ%%?y讀(}j &?t~_/~4\eך_l"6ϊO&]C[;>!xJ-OԵM?N&r^_^JЪ[w,P?0|Nд=CJ<Y%]L&M;OVٔ j -, '+u߄>1Q?xc _꺏btKT8,,jw-D r %?g_~xz|.<7IEyoC6V[\Z7v^Lw<8ˤ@P~2|c+x\/^uţpXYyZ+։ZK}.@J~?hz7Ϊ91Q?xc _꺏btKT8,,jw-D r %?g z [U4OkW&O nm.mjmVo$[ng&xVb]Xisi\"ѧ|ihOoOd_<YhEg%)^d'idQvf8$A /w<斀8:Ə:?#Ŀe$5~q?Ls.٠W\ʒ_Q]3FhHlx@fK<(-,;e$C'_47y-q;F+ׄ<]"~z%ޟ~E|]Cucw +% U4cdI ºf~]EO/ZXZB8a HDUEEU@+C'_47y-s)Ʒ_x[ƿGxcT٤ks5,.hyFѾcEܧ Y.ׇ=~7W[=3L~bJ$$;; K\QJgu~ȟ}މwwߑaiWPX}i47v~+ bUxF C~;?xg>>?~~eiy}F٘$].OioZS'P5)^ M4u xn!tbX$E`xO~'7 '߲/ҬM"{3/2_(w;3drh; K\|wxvIQ]'[/òLRt~'V>]ݥI6d,; KG.OioZwW;xDK>+JI\WKմ"0h8:߉ > Kǃ-H d ̗#4]$?r|ENkxC߲'w]XxZU7V7pZM ݟ⸂X^)F9A40<+hZwE4[Hl4>͵(#aO$ETTPT?r|EN^>EƟowwm :up@|M\E%{E2ef$R߉K xk@ȍxiF{;Mqs~ߴ|iw=宙q?jI1 *-቟t(c$Mv`O; K\|wxvIQ]'[/òLRt~'V>]ݥI6d,ឥue?{cЈ;h|뫯q7momk#yV&ء; K@|wxvIQ]'[/òLRt~'V>]ݥI6d,qQU"ѧ|ik]|Xto.I< i]u[6;ROo]":w>"ѧ|ih; K@|wxvIQ]'[/òLRt~'V>]ݥI6d,N~k~.}w ڼHltflҬQYY8EUP(r|ENR\xo۴Llw޻dDuOXxk_?HDm{7O44\O/kY渙YIdwُA /w<斀{{_1xO*Eexbd|?gGxS–aZ^xZvI\$hV8#@F?0?~25 v~3v&%؉nbKKx)H=񲔑Հ4>W_Zx/cA9)h|!g?iir]Jx$d9"d)I[CuG״??Uټ_x1M[[hm,-GoPGQƊw>"ѧ|ik>?~~eiy}F٘$].OioZ/_>)h|!g?iir]Jx$d9"d)IXN~k~.}w ڼHltflҬQYY8EUP(r|ENטx?~AOmGx ;?;MKDJVű%S%q$oJH + -<1~$5̾\1C]]xKk{kXʷ6 h.OioZ}[c Fvn_uoß[ּ?MėӮt[Fҵ[IUk2_ J@E)|Kӿ( ( ( ( ( ( ( ( ( ( ( ( (G)M7d_@@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@|?Jo%_+S~ *PPEPEPEPEP_|E5h_?_%ݜ~xzwaak 4 NTm]5i`.,45o~)vV#'SWEDeimukysrr-|4KI]gG, ⯂Kg o7IIg?G|eito|~%xke_\ogs-=)&h#H;ޑ|wMrH>!|J߆'[me,^YP&Im|'[96CĿJ1xள/]ycthRZI ɹ|gtRV8aL|6/ ?_[O?cg&-EO&߱lqi T5Mk5 ?=ֵi6WOoƚU%Q7`D1/$#xS|?t) |8.M^H{+Ȣ+|i慚)5i߳';xO!d w/ZEU0c]R\/mYKyn [Vm??|3Ck:O_|?(𝽦wqco6 w쮮'kIVVM- |s}oc%j~xhzojt{{)C,v-Mkp׋|vMω7ே $|aZ${<W"+Hkmn "-@3!?/L~ _xúIlaj'Uxy%wcwRŏ[^?4 x3xN-WVPZjuO=Ჷs>,/$p7|ĒwǍWXˠXx+O{_߇5Y_І{Dŏa _\JEΔ[g5ߊd7OW|a~(({̎o8#2VOfcvܻ&2<⮭ञ/о"j_|&w.3ZZ\&k|*v$+ΰb2Do_)?|?<# gs?x@?4r;m)u#-b%6I<[WXoƋ?[~W$V?iݦiokW)) öD$ydej>և> > ~kfgI(PϲBӳáFG;C㿈5s4=wDOK 4m.6KE;I&P ? G/<5h5/Ia.:ާs|uk5JR`i:]i'wl#Ηk:<z3ǩXX,WVvSAj-m@>>0Z^z<+xNE͙Ү!o,Ksjw&Ih@=((((+S~ *PPEPEPEPEPE/5x_&&ih}[jr.ืl\CeEeܤs||[|I/>2]S%տoP-ޝhMN@y$fm-CNOZf{~G.-:E${OVh;"X}* |$)/A>{Gu< ]R%cGa"k o? 2 okVF[\A]%{ W-q$Wqڑn=?|A.K_xLX-qkVxhZj\$ Oو|x& cn$>,7k~*ỸGi\wV%gnvRUB?^.O|9m5 2].k-)fKekT "#̒q?_ÆY ( ( ( ( ( ( ( ( ( ( ( ߃J%W< IOFo|aagmEIk>2. Z]ͼ$bbg1K"?~?\ ?}!f_144:o |C?c.hiuC>sG3Oï?˚?~?\ ?}!f_144:o |C?c.hiuC>sG3Oï?˚?~?\ ?}!f_144:o |C?c.hiuC>sG3Oï?˚?~?\ ?}!f_144:o |C?c.hiuC>sG3Oï?˚?~?\ ?}!f_144:o |C?c.hiuC>sG3Oï?˚?~?\ ?}!f_144:o |C?c.hiuC>s^!~Ϟ IFMykY?dT"tڱ(Q+,-"C~?\ ?}!f_144:o |C?c.hiuC>sG3Oï?˚?~?\ ?}!f_144:o |C?c.hiuC>sG3Oï?˚?~?\ ?}!f_144:o |C?c.hiuC>sG3Oï?˚?~?\ ?}!f_144:o |C?c.hiuC>sG3Oï?˚?~?\ ?}!f_144:o |C?c.hiuC>sG3Oï?˚?~?\ ?}!f_144:o |C?c.hiuC>s\ß੿ ~ j "y>(_/CujzEӨGa5Ō$1Q@#𞓫}Pƫ&E'o㱻Ԟ-ȥcŦw. [?5Ҽ}wF-+HWYn[Ԯ h#{Dm\#x KSC>  K<%u_GJab}%>49Qlrǧ$X5>|*?8_4x+$7xid[]{쳒k{F͐( ( ( ( ( ߃J%Q@Q@Q@Q@WguS写kZo/rL{N}2mXѤ{;Th^4:y<]| O})ew-6KVK* KK2w#AqnX᷊"0K>ogx|3qŞv iMМfa<6ӺhYxN~| O~zf'Ozvk~!֛mk&ic F[I4d:7Gu-z x? ~Y:ֵLR4wtڴWw&]25 f0+[x?^!._x6wZuG41cCȳtxDfuh6<:͹| i :|AkDum4^:}ض:czbir$KKٯ1xWPм[PD~\|J;m5Z'#K )}-\k)ae aqk<gJ~u &3 oyOyoϿv4PEPEPEPEP_?RoWĿ;2> ߃J%Q@Q@Q@Q@Q@W? h>4%IajS:,HAqo"ѧ|ih; K@.OioZ?r|EN /w<斏\Ӿ?4F?'_47y->"ѧ|ih; K@.OioZ?r|EN /w<斏\Ӿ?4F?'_47y->"ѧ|ih; K@.OioZ?r|EN /w<斏\Ӿ?4F?'_47y->"ѧ|ih; K@.OioZ?r|EN /w<斏\Ӿ?4F?'_47y->"ѧ|ih; K@.OioZ?r|EN /w<斏\Ӿ?4F?'_47y->"ѧ|ih; K@.OioZ?r|EN /w<於VūCa7_xwp>u%֫}wG4kX3X(>"ѧ|ih; K@.OioZ?r|EN /w<斏\Ӿ?4F?'_47y->"ѧ|ih; K@.OioZ?r|EN /w<斏\Ӿ?4F?'_47y->"ѧ|ih; K@.OioZ?r|EN /w<斏\Ӿ?4F?'_47y->"ѧ|ih; K@.OioZ?r|EN /w<斏\Ӿ?4F?'_47y->"ѧ|ih; K@.OioZ?r|EN /w<斏\Ӿ?4F?'_47y->"ѧ|ih; K@.OioZ?r|EN /w<斏\Ӿ?4F?H񗈼[M__ ߃J%Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@x7jot-KPuᯋ/B.dheB9QY]He` |;Oŗ|AP>,xz+f[.cIXq"E,WSD>#&5Ax{ kGK/j]x ӵ{s} dmq= uq? zǏ4%x~Mw\UojR[&?–p4k=V@L->(((((((((((7we}E)|Kӿ( ( ( ( ( ( ( ( ( ( ( ( !x'J uۍBD? :Gu ,貄FPeXp@8 |$H݇Xi^4ӭr^V`C,vn6/Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@W#U/N (7we}EPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPE)|Kӿ( (,xEċē~,|5td]Sy,Hc,D*4:o |C?c.hiuC>s@3Oï?˚?~?\ ?}!f_144:o |C?c.hiuC>s@3Oï?˚?~?\ ?}!f_144:o |C?c.hiuC>s@3Oï?˚?~?\ ?}!f_144:o |C?c.hiuC>s@3Oï?˚?~?\ ?}!f_144:o |C?c.hiuC>s@3Oï?˚?~?\ ?}!f_144:o |C?c.hiuC>s@3Oï?˚?~?\ ?}!f_144:o |C?c.hiuC>s@3Oï?˚?~?\ ?}!f_144:o |C?c.hiuC>s@3Oï?˚?~?\ ?}!f_144:o |C?c.hiuC>s@3Oï?˚?~?\ ?}!f_144:o |C?c.hiuC>s@3Oï?˚?~?\ ?}!f_144:o |C?c.hiuC>s@3Oï?˚?~?\ ?}!f_144:o |C?c.hiuC>s@3Oï?˚?~?\ ?}! #ᧇ>S~?@?>|D'߈|QZ6yח?gϘۼlM_@|?Jo%_(((((((((((((((((((((((+S~ *PP_?RoWĿ;2> ( ( ( ( ( ( ( ( ( ( (3mJE𮥬^EMgMy%Ӵx_Fnǡj7u} iBlE6m1>0 ( ( ( ( ( ( ( ( ( ( ( ߃J%W#U/N ((((((((((((((((((((((((7we}Eo~ >"kw>'h/kJ 6VZ.U,do1@T4?r|EN /w<斀\Ӿ?4F?'_47y->"ѧ|ih; KG.OioZ?r|EN /w<斀\Ӿ?4F?'_47y->"ѧ|ih; KG.OioZ?r|EN /w<斀\Ӿ?4F?'_47y->"ѧ|ih; KG.OioZ?r|EN /w<斀\Ӿ?4F?'_47y->"ѧ|ih; KG.OioZ?r|EN /w<斀\Ӿ?4F?'_47y->"ѧ|ih; KG.OioZ?r|EN /w<斀\Ӿ?4F?'_47y->"ѧ|ih; KG.OioZ?r|EN /w<斀\Ӿ?4F?'_47y->"ѧ|ih; KG.OioZ?r|EN /w<斀\Ӿ?4F?'_47y->"ѧ|ih; KG.OioZ?r|EN /w<斀\Ӿ?4F?'_47y->"ѧ|ih; KG.OioZ?r|EN /w<斀\Ӿ?4F?'_47y->"ѧ|ih; KG.OioZ?r|EN /w<斀\Ӿ?4F?'_47y->"ѧ|ih; KG.OioZ?r|EN /w<斀\Ӿ?4F?'_47y->"ѧ|ih; K\~ xGu>cc\^xRkOmZZM3HIlDrXXgg JHome~LT~GliederungDrPgmJoeMVT$mDrML8DrMD,DrOb<SVDr&5 B0DrObPSVDr 3CG]c]SDUDQ #Home~LT~Notizen 3CG]qxV4B1\ZClick to add notesHome~LT~Notizen<( (@''DrXXgg JHome~LT~GliederungDrPg()(JoeM$mVTDrML8DrMD,DrObpSVDrW aYc]SDUDQ !  Home~LT~TitelW aYxV4B1~ZUDP port probing Home~LT~Titel<( (@'+'DrOb&SVDrOX?c]SDUDQ  DefaultOX?&%NAT5 %PNG  IHDRe* TsBITO IDATx{p=G`DD  aHm%c)-qt[U +*X:)cVq%R@@09qO\|{btZA@ /0G^`_jXL$ά#zwZYNUbîYܗX,*%e /`<**4~a8A^>1#?*ReUnV^nUeOzl~Ue#/ bZ|4TV+ T2OK4: {9 y X A`^dXBqBB GpCc}\D^M^$ܥL>Ԁ fGVnA/ŀjff9W0fwY]is%8̩1u2Zk!+כ2lS"D `<7%+sdHeeecccOOOЅ./۳g… ǎ]`y sבݻw/X_$5sKSvw9 &˩T*<'wyEEE6l 5KKI&mܸS9<[o)vx< C,$eXl2,6skǏ?|G .dF]:f4 am۶yN&C @%LⒾ,|W_}eܦ$H̞=۟l1 sDEEo6<ӦM///ē3fH$ӦM D"QZZ`= %y9{D"QRRt9%UTT,^xA$#/0G^" G}.F^’d2hѢQF544tuu]0q'|rʕOb`KuС'xbժUgΜQ.'/Dy \|իϞ=+>3 rK}k֬LJKD^khhhll6nI^ ޳IKbߊKrYx*cd%t:צ'OzW K&C ;/!INwc[Ǹ粲RT|4 I4swd?`y|grjinn.//*pS& bfUXu9 y 'fz=VJnqTeXr|R܂ر^32~Hl`Nj+K̇2o՟u5OYlͪT#4IB‰im, ]@KTﵒMw3~FӵwVj]_8,GKF,2NDI5`ueS8'0:P޽6znm?VtNuW?y/zr(bmi^~ ̚W鈯,.q]:'l ھ^^o Vf(3T%<)-7IoBgDT0=`oy 9c0G^`>}zggt 7ܰnݺaÆMꤓ6QJDl󪜰`,=TJ>Ǚ$k۶m͓QPPl=8jMMMTͅYHpYHpرcֿ]RO?)2CgA>kСmNH$f͚OI1@҆sgΜ[=)@rDzS%y9sD"0zS%(󲲲~ԩ"/@9s$)S]`x`AXE^t @vs%wmbk|M48z+fϞͥrۼiood;{!L>>ӧʂ.m^0`ƌ>\ȮÇXbʕ]]] " K'x3gKA^/_zgϊ&"5ktww뵡 "Khطo߲eϝ;gܒ%3}{zo=///c糲$f!)b(kBybɓUdttt]any]{u߸qciii[T*-YHpYHpKbѣG]GyG_~eԼ F /|uuuz׍p= `cǎ]nkkktd @Dp---555ʌ$/D/?p@СC8qkm۶_o&1DaÆz ]tQP{Ê_-[TUUq@Dxۿ߿=2y/i~a4z2 6}y]lyyĉwy N4k5n?w<̏y@sDX|LRUfXt9`ejAKT7/׋,yjب*Yץ x޿p@~L&/bIny5N 0ߙ J7eTsBrlQxM,3ʪ0VZJ@5H4d 3޲8W}{yy[AnAUUUmnƭ[?eǎ˖;3(N]? v8ܯGl {H{ 7|3`ۼK*++]l{{СCU 3X_y 8s%K@my 9s\O:qījʻ~P*ϿKnꫯˌۜ>}^S^ݻo0aꡦ͛7?yyy~ 4hdg[nfC|Mcǎ]6*¥%S^vvv̜9S|---TJ|hǎ}$IniiŇ>r95s7nҲe޼yuuu^WeO{{o~nFz|'o=h rÇ[l9bĈj@ Ϸ]a:޻woEEŨQܬ%B^^ 7t!V}A~9ػwoWWWiiǥys=rH}[[[޽{"IԩS=// , ikk2dHе>|Y2n޼tɓ'{YW_@Xb;v]Wھ_tEAby a1x#G)̬=z4LVWW]Mdžf6sYzuWW_t-&:׿5|9}R 2uT*sΠ 17a„+\wJJJ)u_;v4iRеkjvUW]~㵜KuU]w?C9ӧndРA^x$IG$3S{H_w}byi[a3s 6?mo[oeo=y)ռukۆ溺X>ޑ#GJtܹ>hԨQَf̞=ފa@^@L:խ~ةSxwy??cPA0`<#Obhd7e4B^;C|0U[YYܗX,CUWYU8_7dȑ#W^yA^{)++u#o^wRCKG?cs箹뮻Π| #F(//7he%3"qBUOWI2]thUaeŪ"妛n?[7nܸq bD^"hZWNXͳΫr49C ;kQ^sZ_o8!v 3a0ky`^:9W8k̓#/&/1=:3SG6m+]_~'OA3&f^߿?4^8rH:K%TNپ^9rAu~MHr-g=Ɛwar1vgo\][|^TeOKRnq-/߿f来K:u**(lll 1gRgy&B g4m܉7sYTTtEi6/**jmm4iƍGh9R\N0!':jҥwbnַ~;%i2@3y۷WWW˫_04/euu+#UWW?sO?4g1eTJ˜m۶yN&C  Q^jv.=ZSS0)TyTMSF8vXV__"Tع~\ŪV\3,^8تB"]pAWlذadҸMIII}}Y) $]wݸq^wkG:^d:DСC;::-++K$~Xg~l.T};Qv>}DիWִXQqqUW]d| 3}偔Xg3/sK=t1?)󲲲;3mڴKrr\sLbrr^Ι3gKKKȂ3JrԩSt1UTT|ߦLt-@ֲ+O;v}QM>Kӏ=ɓ'K&4eݿKK]LrSN@lڴ)??.&@Svihhljj:ug]hQЅB''7poN3w?p[*7-iyCp{|UR3wLdT7.Ē*4-t_lٿ,΢ō5 _vfu+[rjȊߋ1~IGg%`rOO2 XqѭɌbVzr6l_Ӛ9 |9wZQN8g5| ]%sS(`<s|/cDs`y 9Ly &ib=z?Zl#+> Oc6祕42w&?&rOG#sˠ ͟i2 pGf*9R>N0;aA>Y̽N'>~0\ގ0p|%ůh\%+Ile=i.^{ޛj rbhW9mJA 2 ': 6B[Xy c*hBNT=]sr[01?sl7bl{$!!FGMeպpT?3jmu^9MW5{q[z=NU(ntHs̳rq:3<}jzw@_ f}&[%vldf'Lι5OoIDAT32Wcr?|w{V_\3N3sjLcWn:?֣l3ݩw &QsF`<s|Ft123Fѕ>_}===AA^ɞ={.\8v7r쐗|J$Iڽ{ _|ER9Ν;ϟ?a„W^yEQ K>OmذDȑ|7vҤI7ndBI It-455ɿNc糲f~h seǏ?|GZ^˟?`[$)$)жm͛';L2$z F*J ą!i2hՊǎ~2%ɂO?u% 6,L)))5k?%1 'DEEoY!/D//OH$} y 'b^Θ1#HL6-z|D"QZZ`=@VK>rΜ9Dbʔ)AdŋO<9B;s?s%Kdѣ>`sssЅKd!L.ZhԨQ gΜ caÇWXrʮ.y  RK/WXj*U)%t{(y RKhhooohhXfMww^@8Ͼ} RF^o_zyyyo@\H3{S<١oRڟ{G_~^6~V>0z^x.pb @5f̘um߾VLM@0QXX~eF"%'N|׶nzmI7N }AׁeStkˀ>2Ġs{ћEksHͫ5g8,.q]:l 2ToNF ɱŪ$'e:Vܲf3MupX7)F|IENDB`DrXXgg JHome~LT~GliederungDrPgmJoeMVT$mDrML8DrMD,DrOb<SVDr&5 B0 DrObPSVDr 3CG]c]SDUDQ #Home~LT~Notizen 3CG]qxV4B1\ZClick to add notesHome~LT~Notizen<( (@''DrXXgg JHome~LT~GliederungDrPg^JoeM$mVTDrML8DrMD,DrObuSVDrW > ac]SDUDQ !  Home~LT~TitelW > axV4B1ZTCP and ICMP scanning Home~LT~Titel<( (@'+'DrObSVDrW )5WIc]SDUDQ ( Home~LT~Gliederung 1?W )5WI xV4B1ZTCPHome~LT~Gliederung 1g* <( (@'#3-way handshake and reliabilityHome~LT~Gliederung 2g* <( (@'&Lots of headerHome~LT~Gliederung 2g* <( (@'&Ever compare UDP and TCP RFCs?Home~LT~Gliederung 2g* <( (@'&See nmap's documentationHome~LT~Gliederung 2g* <( (@'&DrObSVDr7)aWIc]SDUDQ (Home~LT~Gliederung 137)aWIxV4B1ZICMPHome~LT~Gliederung 1g* <( (@'#Request/reply messagesHome~LT~Gliederung 2g* <( (@'&Lots of messagesHome~LT~Gliederung 2g* <( (@'&Implementations differ widelyHome~LT~Gliederung 2g* <( (@'&See Ofir Arkin's ICMP paperHome~LT~Gliederung 2g* <( (@'&DrXXgg VHome~LT~GliederungDrPgmJoeMVT$mDrML8DrMD,DrOb<SVDr&5 B0 DrObPSVDr 3CG]c]SDUDQ #Home~LT~Notizen 3CG]qxV4B1\ZClick to add notesHome~LT~Notizen<( (@''DrXXgg JHome~LT~GliederungDrPg " JoeM$mVTDrML8DrMD,DrOb}SVDrs !cc]SDUDQ !  Home~LT~Titels !cxV4B1ZThe trouble with UDP scanning Home~LT~Titel<( (@'+'DrObBSVDr ya;c]SDUDQ (Home~LT~Gliederung 1} ya;^ xV4B11Z @From RFC 1122, Requirements for Internet Hosts, section 3.2.2.1:Home~LT~Gliederung 1g* <( (@''A'@@Home~LT~Gliederung 1g* <( (@''A'Home~LT~Gliederung 1g* <( (@''A'<A host SHOULD generate Destination Unreachable messages withHome~LT~Gliederung 1g* <( (@''A'<<code:Home~LT~Gliederung 1g* <( (@''A'Home~LT~Gliederung 1g* <( (@''A'> 2 (Protocol Unreachable), when the designated transportHome~LT~Gliederung 1g* <( (@''A'>>& protocol is not supported; orHome~LT~Gliederung 1g* <( (@''A'&&Home~LT~Gliederung 1g* <( (@''A': 3 (Port Unreachable), when the designated transportHome~LT~Gliederung 1g* <( (@''A'::: protocol (e.g., UDP) is unable to demultiplex theHome~LT~Gliederung 1g* <( (@''A'::= datagram but has no protocol mechanism to inform theHome~LT~Gliederung 1g* <( (@''A'== sender.Home~LT~Gliederung 1g* <( (@''A'DrXXgg NHome~LT~GliederungDrPgmJoeMVT$mDrML8DrMD,DrOb<SVDr&5 B0 DrObPSVDr 3CG]c]SDUDQ #Home~LT~Notizen 3CG]qxV4B1\ZClick to add notesHome~LT~Notizen<( (@''DrXXgg JHome~LT~GliederungDrPgJoeM$mVTDrML8DrMD,DrObwSVDrn  ac]SDUDQ !  Home~LT~Titeln  axV4B1ZOther failure scenarios Home~LT~Titel<( (@'+'DrOb(SVDrW aIc]SDUDQ ( Home~LT~Gliederung 1cW aIDxV4B1'ZPacket filteringHome~LT~Gliederung 1g* <( (@'#Non-default host configurationsHome~LT~Gliederung 1g* <( (@'# Packet lossHome~LT~Gliederung 1g* <( (@'#  Errored packetsHome~LT~Gliederung 1g* <( (@'#1ICMP rate limiting (see RFC 1812 section 4.3.2.8)Home~LT~Gliederung 1g* <( (@'#11DrXXgg NHome~LT~GliederungDrPgmJoeMVT$mDrML8DrMD,DrOb<SVDr&5 B0DrObPSVDr 3CG]c]SDUDQ #Home~LT~Notizen 3CG]qxV4B1\ZClick to add notesHome~LT~Notizen<( (@''DrXXgg JHome~LT~GliederungDrPgJoeM$mVTDrML8DrMD,DrObzSVDrn  ac]SDUDQ !  Home~LT~Titeln  axV4B1ZMinimizing false positives Home~LT~Titel<( (@'+'DrOb(SVDrW aIc]SDUDQ ( Home~LT~Gliederung 1cW aIDxV4B1'ZVerify ICMP repliesHome~LT~Gliederung 1g* <( (@'#Congestion avoidanceHome~LT~Gliederung 1g* <( (@'#Round trip time estimationHome~LT~Gliederung 1g* <( (@'#See SATAN source codeHome~LT~Gliederung 1g* <( (@'#$Implement application level scanningHome~LT~Gliederung 1g* <( (@'#$$DrXXgg NHome~LT~GliederungDrPgmJoeMVT$mDrML8DrMD,DrOb<SVDr&5 B0DrObPSVDr 3CG]c]SDUDQ #Home~LT~Notizen 3CG]qxV4B1\ZClick to add notesHome~LT~Notizen<( (@''DrXXgg JHome~LT~GliederungDrPgJoeM$mVTDrML8DrMD,DrObxSVDrn  ac]SDUDQ !  Home~LT~Titeln  axV4B1ZUDP application scanning Home~LT~Titel<( (@'+'DrObSVDrW aIc]SDUDQ ( Home~LT~Gliederung 1W aIxV4B1Z!Solicit application layer repliesHome~LT~Gliederung 1g* <( (@'#!!'Most UDP apps will respond to somethingHome~LT~Gliederung 2g* <( (@'&'',Few general purpose UDP application scannersHome~LT~Gliederung 1g* <( (@'#,,1Most are for specific application vulnerabilitiesHome~LT~Gliederung 2g* <( (@'&11.UDP application scanning has failure modes tooHome~LT~Gliederung 1g* <( (@'#..Which UDP port to scan?Home~LT~Gliederung 2g* <( (@'&How to format the message?Home~LT~Gliederung 2g* <( (@'&1So... I'm no Wietse, but what the heck I tried...Home~LT~Gliederung 1g* <( (@'#11DrXXgg NHome~LT~GliederungDrPgmJoeMVT$mDrML8DrMD,DrOb<SVDr&5 B0DrObPSVDr 3CG]c]SDUDQ #Home~LT~Notizen 3CG]qxV4B1\ZClick to add notesHome~LT~Notizen<( (@''DrXXgg JHome~LT~GliederungDrPg\JoeM$mVTDrML8DrMD,DrOb}SVDrn  ac]SDUDQ !  Home~LT~Titeln  axV4B1ZApplication scanning examples Home~LT~Titel<( (@'+'DrObSVDrW aIc]SDUDQ ( Home~LT~Gliederung 15W aIxV4B1Z,Send a TFTP read request and check for errorHome~LT~Gliederung 1g* <( (@'#,,1Send an empty RIP request with metric of infinityHome~LT~Gliederung 1g* <( (@'#110Send a version=[3|4] and mode=client NTP requestHome~LT~Gliederung 1g* <( (@'#004App scanning for syslog would be useful, but alas...Home~LT~Gliederung 1g* <( (@'#44Other interesting applications?Home~LT~Gliederung 1g* <( (@'#*e.g. games, streaming audio/video, trojansHome~LT~Gliederung 2g* <( (@'&**)Most apps should be very easy to scan forHome~LT~Gliederung 1g* <( (@'#))/Just format the right request and await a replyHome~LT~Gliederung 2g* <( (@'&//DrXXgg NHome~LT~GliederungDrPgmJoeMVT$mDrML8DrMD,DrOb<SVDr&5 B0DrObPSVDr 3CG]c]SDUDQ #Home~LT~Notizen 3CG]qxV4B1\ZClick to add notesHome~LT~Notizen<( (@''DrXXgg JHome~LT~GliederungDrPgmJoeM$mVTDrML8DrMD,DrObwSVDrn  ac]SDUDQ !  Home~LT~Titeln  axV4B1ZIs it Mai Tai time yet? Home~LT~Titel<( (@'+'DrObSVDrW aIc]SDUDQ ( Home~LT~Gliederung 1W aIxV4B1Z-UDP scanning is a relatively simple procedureHome~LT~Gliederung 1g* <( (@'#--)However, be aware of how unreliable it isHome~LT~Gliederung 1g* <( (@'#))1UDP application specific scanners would be betterHome~LT~Gliederung 1g* <( (@'#112Application scanning may highlight vulnerabilitiesHome~LT~Gliederung 1g* <( (@'#22,If not, PROTOS style projects certainly willHome~LT~Gliederung 1g* <( (@'#,,DrXXgg NHome~LT~GliederungDrPgmJoeMVT$mDrML8DrMD,DrOb<SVDr&5 B0DrObPSVDr 3CG]c]SDUDQ #Home~LT~Notizen 3CG]qxV4B1\ZClick to add notesHome~LT~Notizen<( (@''DrXXgg JHome~LT~GliederungDrXXHP Color LaserJet PSHP__CLJ1`TlJobData 1 printer=HP Color LaserJet PS orientation=Landscape copies=1 scale=1 margindajustment=0,0,0,0 colordepth=24 pslevel=0 colordevice=0 PPDContexData PageSize:LetterInputSlot:FrontarSymbol(X HX H$n@ (` H HStarSymbol(` StarSymbol StarSymbol(0H0H$n@  DrVwP SVDr SVDr:SVDr{{SVDrALayout:SVDr{{SVDr#SVDr SVDr# SVDr0 SVDr1 SVDr3 SVDr4SVDr@SVDr SVDrD SVDrP SVDrQ DrHL DrHL DrHL F|V Root Entry!r\V)䰱CompObjEOle persist elements" SfxDocumentInfo uBasicManager2 4StarBASICSfxWindowsStandardJSfxStyleSheetswSummaryInformation( (StarDrawDocument3$C6