Nmap Development mailing list archives

Re: Nmap Service Detection Proposal
From: H D Moore <hdm () secureaustin com>
Date: Tue, 29 Aug 2000 13:25:42 -0500

Fyodor wrote:

> On Tue, 29 Aug 2000, Paul Tod Rieger wrote:
>
> > Will this be stealthy?
>
> Not really.  People who need stealth probably won't use it.  They can
> assume all the open ports carry the expected service.  Also, you can
> always use an anonymous dialup or bounce the service detection through a
> series of open SOCKS proxies (note: nmap does not currently have code to
> do that for you).

Since nmap uses normal connect() calls with the -T option, you could use
the 'runsocks' utility from www.socks.nec.com to automagically bounce
through a socks server.  This works for almost any TCP exploit/tool/etc
that doesn't send raw packets.

-HD
