Nmap gods gift to open source port scanners

Recently i tested nmap out . I armored a Redhat box out side my internet perimeter and hacked away at a box with win2k on it running the latest version of black ice defender it was surprising . Nmap saw ports as closed but it knew something was firewalling those ports it also attempted to finger print the os and succeeded. So i figured out that black ice in its default settings is not very stealthy but in the advanced firewall settings if you bring the settings up to Nervous and run the Nmap scanner you wont get the message that any thing is there . Nmap is a great auditing tool but like all great hings i can be used to fin scan and as you know most firewalls wont be able to correct a Fin scan using Udp ports. If you are using black ice or check point with the lastest software These firewalls wont see the initial fin scan but they will diagnose by name the nmap ping then you can take what ever precautionary measures you need to Ie tcp wrappers snort .

Well thats all folks EviL

Thanks for the info on nmap. Great tool for finding holes in your network. Now to try the thing on my win98 box with tiny personal firewall...