mailing list archives
Re: idlescan (ip.id portscanner)
From: marvin () NSS NU (marvin () NSS NU)
Date: Sat, 4 Dec 1999 18:38:32 +0000
On Fri, 3 Dec 1999, LiquidK wrote:
I haven't seen any pratical implementation of the scan, so I decided
to write one to see how usable the method is in the real world. I reached
the conclusion that this method is indeed quite usable (althought a little slow
to account for packet propagation time).
And here's mine. :-)
This one compiles on my system, yours didn't (yes, it was linux with
libnet and glibc).
A few notes:
0) Default is to send null packets for echo:ing, some firewalls block
them. Override with -F<flags>.
1) Lot's of options. All nice.
2) Use -e instead of -o 256 if silent host is windows.
3) It's script-puppy safe. Fix the (one-line) "bug" and get a free
(requires libnet and libpcap)