Nmap Development mailing list archives
Re: anyone aware of this?
From: David Fifield <david () bamsoftware com>
Date: Sun, 15 Nov 2009 20:58:00 -0700
On Fri, Oct 23, 2009 at 10:14:17AM +0200, kx wrote:
Mike, If you are on an ethernet LAN you may be able to try this technique for scanning your own Windows machine: http://seclists.org/nmap-dev/2006/q1/318 David Fifield and Fyodor has done some UDP payload development and ping probe testing: http://seclists.org/nmap-dev/2009/q2/490 http://seclists.org/nmap-dev/2009/q3/22 David and Fyodor, Would you still have the testing framework available to see the performance of certain UDP probes improves when the source port matches the dest port?
I thought I had all the scripts used to get the results, but I can't find them all. Luckily the ones that are missing should be easy to replace. My overall methodology is here: http://www.bamsoftware.com/wiki/Nmap/EffectivenessOfPingProbes I just uploaded the analysis scripts to that page too. I don't still have the netrange.nse script, but it's easy to make from whois.nse. I use the nmap-bench program for all kinds of benchmarking, not just ping probe effectiveness. It makes it easy to run the same commands multiple times on different machines. We tested different source ports, and setting a source port tends to increase effectiveness. We didn't try setting the source port always equal to the destination port. David Fifield _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- anyone aware of this? mike (Oct 22)
- Re: anyone aware of this? kx (Oct 23)
- Re: anyone aware of this? kx (Oct 23)
- Re: anyone aware of this? David Fifield (Nov 15)
- Re: anyone aware of this? kx (Oct 23)