Nmap Development mailing list archives
Re: FW: Zenmap from inside network
From: David Fifield <david () bamsoftware com>
Date: Wed, 22 Apr 2009 07:52:27 -0600
On Wed, Apr 22, 2009 at 07:34:02AM -0400, Joe DeMicco wrote:
> I'm having difficulty getting Zenmap to change the source IP address. We're running Zenmap on a 32-bit Windows Vista platform. We want to change the source IP address to a public IP address so we can test firewall settings from within the network and make the traffic seem to be coming from outside the network. When we issue the -S option to change the source address and hit the scan button this error message is returned: "Could not figure out what device to send the packet out on with the source address you gave me! If you are trying to sp00f your scan, this is normal, just give the -e eth0 or -e ppp0 or whatever. Otherwise you can still use -e, but I find it kindof fishy. QUITTING!"
Use "nmap --iflist" to see the interface names that Nmap uses. The option to use will probably be something like "-e eth0". If the interface is not an Ethernet interface, spoofing the source address won't work because of Windows limitations.

However, what you are trying to do is probably not going to work. If you change the source address to an address outside the network, any replies to the probes you send are going to go to that outside address--not back to the scanning machine. This will make all hosts appear down or all ports filtered, depending on the scan you're doing. That's why it's "kindof fishy."

David Fifield

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org