New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

GIAC GPEN Exam - Topic 7 Question 69 Discussion

Actual exam question for GIAC's GPEN exam
Question #: 69
Topic #: 7
[All GPEN Questions]

You work as a Penetration Tester for the Infosec Inc. Your company takes the projects of security auditing. Recently, your company has assigned you a project to test the security of the we-aresecure. com Web site. For this, you want to perform the idle scan so that you can get the ports open in the we-are-secure.com server. You are using Hping tool to perform the idle scan by using a zombie computer. While scanning, you notice that every IPID is being incremented on every query, regardless whether the ports are open or close. Sometimes, IPID is being incremented by more than one value. What may be the reason?

Show Suggested Answer Hide Answer
Suggested Answer: C

by Herminia at Mar 20, 2025, 10:22 PM

Limited Time Offer

25%

Off

Get Premium GPEN Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Jacquline
2 months ago
Not sure about that, could be a misconfiguration too.
upvoted 0 times
...
Lorrie
2 months ago
Wait, Hping can't do idle scans? That's surprising!
upvoted 0 times
...
Tony
2 months ago
I think it's definitely the firewall messing things up.
upvoted 0 times
...
Tandra
3 months ago
Sounds like the zombie's busy with other traffic.
upvoted 0 times
...
Adelaide
3 months ago
I agree, the zombie must be interacting with something else.
upvoted 0 times
...
My
3 months ago
I thought Hping was capable of idle scanning, so I doubt option D is correct. But I could be mistaken about its capabilities.
upvoted 0 times
...
Ellsworth
3 months ago
I practiced idle scans before, and I recall that the zombie needs to be connected to the target for it to work properly. So, option C could make sense too.
upvoted 0 times
...
Gregoria
4 months ago
I'm not entirely sure, but I think firewalls can sometimes interfere with scans. Maybe option B is a possibility?
upvoted 0 times
...
Lacresha
4 months ago
I remember reading that if the zombie is interacting with other systems, it could cause the IPID to increment unexpectedly. So, option A might be the right choice.
upvoted 0 times
...
Lorrie
4 months ago
Hmm, I'm not sure about that last option. Hping is a pretty powerful tool, so I doubt it wouldn't be able to perform an idle scan. I'll have to double-check that.
upvoted 0 times
...
Cassie
4 months ago
Ah, I see. If the zombie computer isn't properly connected to the target server, that could definitely lead to the IPID issue. Good point to consider.
upvoted 0 times
...
Cora
4 months ago
Wait, I'm a bit confused. Is the firewall really a possible reason here? I thought the idle scan was designed to bypass firewalls.
upvoted 0 times
...
Yong
5 months ago
Okay, let's see. The zombie computer interacting with another system could definitely cause the IPID to increment in unexpected ways. I'll keep that in mind.
upvoted 0 times
...
Rebecka
5 months ago
Hmm, this seems like a tricky one. I'll need to think carefully about the possible reasons for the IPID behavior.
upvoted 0 times
...
Lynelle
9 months ago
Zombie computer, huh? Sounds like this penetration test is more like a haunted house than an audit.
upvoted 0 times
...
Yuette
9 months ago
Hping not doing idle scanning? That's like saying a screwdriver can't screw in screws. I'm pretty sure that's not the issue here.
upvoted 0 times
Amira
8 months ago
B) The firewall is blocking the scanning process.
upvoted 0 times
...
Tammara
8 months ago
A) The zombie computer is the system interacting with some other system besides your computer.
upvoted 0 times
...
Theresia
8 months ago
B) The firewall is blocking the scanning process.
upvoted 0 times
...
Diane
9 months ago
A) The zombie computer is the system interacting with some other system besides your computer.
upvoted 0 times
...
...
Maryann
9 months ago
Wait, so the zombie computer isn't even connected to the target server? That's a pretty big problem for the idle scan to work. Gotta be option C.
upvoted 0 times
Douglass
8 months ago
Looks like we need to make sure the zombie computer is properly connected to the we-are-secure.com server for the idle scan to be effective.
upvoted 0 times
...
Rosalia
9 months ago
That's true, option C seems to be the most likely reason for the IPID incrementing regardless of open ports.
upvoted 0 times
...
Rhea
9 months ago
Yeah, if the zombie computer isn't connected to the target server, then the idle scan won't work.
upvoted 0 times
...
...
Izetta
10 months ago
Nah, the firewall blocking the scan wouldn't cause the IPID to increment in that way. I think you're on the right track with the zombie computer being the issue.
upvoted 0 times
Wenona
8 months ago
A) The zombie computer is the system interacting with some other system besides your computer.
upvoted 0 times
...
Bette
9 months ago
B) The firewall is blocking the scanning process.
upvoted 0 times
...
Lettie
9 months ago
A) The zombie computer is the system interacting with some other system besides your computer.
upvoted 0 times
...
...
Felix
11 months ago
But what if the firewall is blocking the scanning process? Could that also be a reason?
upvoted 0 times
...
Charlette
11 months ago
Hmm, if the IPID is incrementing even for closed ports, it sounds like the zombie computer is interacting with something else besides the target server. I'd go with option A.
upvoted 0 times
Elliot
9 months ago
No, I don't think the firewall is the issue here.
upvoted 0 times
...
Lonna
10 months ago
Maybe the firewall is blocking the scanning process.
upvoted 0 times
...
Sabina
10 months ago
Yeah, that could be the reason for the IPID incrementing.
upvoted 0 times
...
Jackie
10 months ago
I think the zombie computer is interacting with another system.
upvoted 0 times
...
...
Yoko
11 months ago
I agree with Avery. It makes sense that the IPID is being incremented because of that.
upvoted 0 times
...
Avery
11 months ago
I think the reason could be that the zombie computer is interacting with another system.
upvoted 0 times
...

Save Cancel