Nmap Development mailing list archives
Re: FYI regarding nmap-payloads, Snort evasion, etc.
From: Fyodor <fyodor () insecure org>
Date: Mon, 23 Apr 2012 21:22:33 -0700
On Fri, Apr 20, 2012 at 04:37:27PM -0500, Daniel Miller wrote:
After some thought, I considered implementing an option to turn off payloads, listing it under IDS evasion methods. However, after digging in the code, I found out that using --data-length 0 would have the exact same effect (as far as I am aware).
The man page did mention this, but only in one place. I've now added it to another couple places where payloads and --data-length is discussed.
A few more notes from my testing (which is far from complete):
Thanks for the notes. I made a personal note to reflect them where appropriate in the IDS evasion section of the next edition of Nmap Network Scanning (no availability date set yet). Let us know if you learn anything else useful from your testing. Cheers, Fyodor _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- FYI regarding nmap-payloads, Snort evasion, etc. Daniel Miller (Apr 20)
- Re: FYI regarding nmap-payloads, Snort evasion, etc. David Fifield (Apr 20)
- Re: FYI regarding nmap-payloads, Snort evasion, etc. Fyodor (Apr 23)