Nmap Announce mailing list archives
Re: nmap's "-S" option and linux SAV
From: Michel Arboi <arboi () bigfoot com>
Date: 16 Jul 2000 11:21:04 +0200
tech_related () ip pt writes:
Does the kernel's SAV always prove incapable of blocking nmap's scans using spoofed packets? Or am I missing something?
I am afraid you are missing something. There is nothing magic about SAV in the TCP/IP stack, because faked packets just look like "genuine" packets. There is only one way to identify them: e.g., if you receive on your external interface, packets that "originate" from your internal network. -- mailto:arboi () bigfoot com http://www.bigfoot.com/~arboi/ GPG Public keys: http://www.bigfoot.com/~arboi/pubkey.txt -------------------------------------------------- For help using this (nmap-hackers) mailing list, send a blank email to nmap-hackers-help () insecure org . List run by ezmlm-idx (www.ezmlm.org).
Current thread:
- nmap's "-S" option and linux SAV tech_related (Jul 15)
- Re: nmap's "-S" option and linux SAV Fyodor (Jul 15)
- Re: nmap's "-S" option and linux SAV Michel Arboi (Jul 17)