During a UDP service enumeration scan, the tester sees that some ports respond with ICMP Type 3 Code 3 (Port Unreachable), while most remain silent. No firewall or IDS is interfering. What can the tester conclude about the non-responsive ports?
A.
The ports are likely closed because no ICMP response was received.
B.
The system blocked all probes after rate-limiting was detected.
C.
They may be open or filtered, requiring retransmission.
D.
They may correspond to some services requiring three-way handshakes.
UDP scanning produces reliable " closed " results only when an ICMP Port Unreachable is returned. Silent responses indicate either open ports (no reply expected) or filtered ports (blocks dropping packets). CEH emphasizes that non-responses require retransmission or alternate verification techniques.
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit