Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

nmap-dev logo Nmap Development mailing list archives

RE: decoy scan: no decoy packages
From: "Craig Humphrey" <Craig.Humphrey () chapmantripp com>
Date: Tue, 14 Dec 2004 12:22:47 +1300
I don't think 'traceroute' is going to tell you what packets made it to
the target... 'tcpdump' perhaps? Or Ethereal? (or some other network
sniffer).

Is there anything between your scanning host and the target host?  E.g.
routers, firewalls, etc, which might filter out invalid/spoofed traffic.

Hope that helps.

Later'ish
Craig



-----Original Message-----
From: mgrd [mailto:subscriptions () gerdau freeshell org] 
Sent: Tuesday, December 14, 2004 12:14 PM
To: nmap-dev () insecure org
Subject: decoy scan: no decoy packages

When running a decoy scan, shouldn't I see decoy host 
packages arriving 
on the target host?

I ran: `nmap -sS <ip-decoy1>,<ip-decoy2>,ME <ip-target>'
(where: `ME' is expanded to the own IP)

Running `traceroute' on the target host, no decoy host IP packages 
arrived but only of the scanning host.

nmap version    : 3.75 (default compile)
scanning host OS: linux 2.4.20 x86
target host OS  : linux 2.4.20 x86


---------------------------------------------------------------------
For help using this (nmap-dev) mailing list, send a blank email to
nmap-dev-help () insecure org . List archive: http://seclists.org

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]