<a href="http://g.adspeed.net/ad.php?do=clk&zid=14678&wd=728&ht=90&pair=as" target="_top"><img style="border:0px;" src="http://g.adspeed.net/ad.php?do=img&zid=14678&wd=728&ht=90&pair=as" alt="i" width="728" height="90"/></a>

Nmap Security Scanner

Docs
Security Lists

Full Disclosure

More
Security Tools

Packet crafters

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

edgeos

Nmap Development: Re: Invalidating Stealth

Re: Invalidating Stealth

From: Martin Mačok <martin.macok_at_underground.cz>
Date: Wed, 5 Oct 2005 13:52:27 +0200

On Tue, Oct 04, 2005 at 10:57:33AM -0500, Crenshaw, Adrian D wrote:

> If you use an idle scan (-sI), but don't use -P0, the true scanning
> IP will be given away because of the ping.

Last time I was experimenting with spoofing the source (through -S and
-e, not -sI), TCP pinging was spoofing correctly but ICMP pinging
wasn't ... (I have already reported this to the list, w/o an answer)

Martin Mačok
ICT Security Consultant

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Received on Oct 05 2005

This message: [ Message body ]
Next message: Juan Perez: "Problem with excludefile option"
Previous message: Fyodor: "Re: LAN/WAN Configuration Management"
In reply to: Crenshaw, Adrian D: "Invalidating Stealth"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]

edgeos