mailing list archives
Re: FYI regarding nmap-payloads, Snort evasion, etc.
From: Fyodor <fyodor () insecure org>
Date: Mon, 23 Apr 2012 21:22:33 -0700
On Fri, Apr 20, 2012 at 04:37:27PM -0500, Daniel Miller wrote:
After some thought, I considered implementing an option to turn off
payloads, listing it under IDS evasion methods. However, after digging
in the code, I found out that using --data-length 0 would have the exact
same effect (as far as I am aware).
The man page did mention this, but only in one place. I've now added
it to another couple places where payloads and --data-length is
A few more notes from my testing (which is far from complete):
Thanks for the notes. I made a personal note to reflect them where
appropriate in the IDS evasion section of the next edition of Nmap
Network Scanning (no availability date set yet).
Let us know if you learn anything else useful from your testing.
Sent through the nmap-dev mailing list
Archived at http://seclists.org/nmap-dev/