This is an nmap -sA scan, or an ACK scan, from another local workstation. It's coming from one port on the source IP and being received by multiple ports on the destination/victim IP because it's checking for open ports. Both IPs are on the same network so there isn't any malware beaconing or C2 communication. And given that these are ack packets, it isn't anything UDP related
I mistyped on the "checking for open ports" part. The purpose of an ACK scan is usually to identify which ports are reachable through a firewall. No response indicates that the port is filtered and the traffic was blocked. A response, typically a RST packet, indicates that the port is unfiltered and was allowed through the firewall
upvoted 1 times
...
...
This section is not available anymore. Please use the main Exam Page.CS0-003 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
BlackSkullz
4 days, 2 hours agoBlackSkullz
4 days, 2 hours ago