How does nmap determine a port is tcpwrapped?
I am scanning a system and nmap reports about 3/4 of the ports are tcpwrapped. Does anyone know how does nmap determines this? receiving no response to a SYN packet should indicate a firewall probably blocking, thus giving a "Filtered" response. Receiving a RST packet back should indicate a closed port, so what indicates a tcpwrapped port?