GIAC Security Essentials Certification (GSEC) — Question 8

What is the motivation behind SYN/FIN scanning?

Answer options

• A. The SYN/FIN combination is useful for signaling to certain Trojans.
• B. SYN/FIN packets are commonly used to launch denial of service attacks against BSD hosts.
• C. The crafted SYN/FIN packet sometimes gets past firewalls and filtering routers.
• D. A SYN/FIN packet is used in session hijacking to take over a session.

Correct answer: C

Explanation

The correct answer is C because SYN/FIN packets can exploit vulnerabilities in firewalls and filtering routers, allowing unauthorized access. Option A is incorrect as the combination does not primarily signal Trojans. Option B is false because while SYN/FIN packets may be involved in other attacks, they are not specifically used for DDoS against BSD hosts. Option D is not accurate since SYN/FIN packets are not directly used for session hijacking.