Security Basics mailing list archives

Nmap, Firewall Testing, Idlescan?

From: <j_goodman00 () yahoo co uk>
Date: 1 Feb 2005 14:52:57 -0000



Hi,

I have a couple of routers at various sites which include firewalls & I would like to use nmap to test them.

I have been experimenting with idlescans in an attempt to fool the firewall, but have been unsuccessful & am unsure if 
this is the firewall working, or me failing! :)

I am attempting to 'bounce' the scans off another computer of mine on a different connection:

e.g.
MyIP is 1.2.3.1
BounceIP is 1.2.4.1
TargetIP is 1.2.5.1
nmap -T5 -v -P0 -sI 1.2.4.1 1.2.5.1

When I look at the firewall logs they show logs along the lines of the following:
Source 1.2.3.1 Destination:1.2.5.1

Does this mean the firewall is working & successfully filtering the spoofed IP packets, or am I doing something wrong?


Cheers,

James

Current thread:

Nmap, Firewall Testing, Idlescan? j_goodman00 (Feb 02)
- Re: Nmap, Firewall Testing, Idlescan? Joachim Schipper (Feb 03)
- Re: Nmap, Firewall Testing, Idlescan? david kuhlman (Feb 03)
  - Re: Nmap, Firewall Testing, Idlescan? James Goodman (Feb 03)
  - Re: Nmap, Firewall Testing, Idlescan? Times Enemy (Feb 04)