On Thu, Jan 05, 2006 at 01:38:35PM +0100, Ed3f wrote:
>
> I have followed Fyodor's advices, and written a better patch.
Well, I certainly can't turn down a patch which does something this
useful in only 14 changed lines :). I have applied it (as --badsum)
for the next version of Nmap:
o Added the --badsum option, which causes Nmap to use invalid TCP or
UDP checksums for packets sent to target hosts. Since
virtually all host IP stacks properly drop these packets, any
responses received are likely coming from a firewall or IDS that
didn't bother to verify the checksum. For more details on this
technique, see http://www.phrack.org/phrack/60/p60-0x0c.txt . The
author of that paper, Ed3f (ed3f(a)antifork.org), is also the author
of this patch.
Cheers,
-F
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Received on Jan 05 2006
Intro
