Nmap Development mailing list archives
Repeated Random numbers with data-length option
From: Andrew Jason Farabee <afarabee () uci edu>
Date: Mon, 10 Nov 2014 22:49:15 -0800
I was hoping someone could explain to me why the default behavior is for the same random numbers to be padded at the end of each packet sent in an nmap instance. For example, if I run "nmap 10.0.0.1/24 --data-length 100" every packet to every port to every address in the specified target network will contain the same data. It seems like this behavior makes the --data-length option more conspicuous instead of less (sending the same data to every port, multiple remote addresses sending the same data during decoy scans, letting targeted network admins know when one instance of nmap has stopped and another has started.) Why does nmap not regenerate the random data for each packet by default? Is it just a question of efficiency or would using a random string not actually be any less conspicuous? Thanks a lot. Also, I wanted to say thanks for the nmap devs for creating and maintaining such a useful and helpful system.
_______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Repeated Random numbers with data-length option Andrew Jason Farabee (Nov 11)