Penetration Testing mailing list archives
Re: Blind IP spoofing portscan tool?
From: <Alberto_Revelli () mckinsey com>
Date: Thu, 14 Jun 2001 08:58:20 +0200
Hi Curt, you are probably referring to hping, written by Antirez, that can perform spoofed portscans (using the ID field of IP datagrams). Check out http://www.kyuzz.org/antirez/hping.html for the tool, and http://www.securityfocus.org/templates/archive.pike?list=1&date=1998-12-15& msg=19981218074757.A990 () seclab com for Antirez's original post about this scanning technique Hope this helps Al Curt Wilson <netw3 () netw3 com>@netw3.com on 13/06/2001 23.04.49 Sent by: netw3 () netw3 com To: pen-test () securityfocus com cc: (bcc: Alberto Revelli) Subject: Blind IP spoofing portscan tool? In the mailing for the Black Hat briefings, there is mention of a "blind IP spoofing portscan tool" or something along those lines. I'm curious about this tool, what is it's name and what is the mechanism by which it works? I'd guess that it's something involving other elements of the IP stack or some tool that uses a 3rd party system to check IP ID's, sequence numbers, ICMP responses or something along those lines. I'd be interested to know more information, please share if you have this knowledge. PS - I'm moving to Chicago soon and looking for a good security job, anyone got any leads? Curt Wilson netw3 () netw3 com +-------------------------------------------------------------+ | This message may contain confidential and/or privileged | | information. If you are not the addressee or authorized to | | receive this for the addressee, you must not use, copy, | | disclose or take any action based on this message or any | | information herein. If you have received this message in | | error, please advise the sender immediately by reply e-mail | | and delete this message. Thank you for your cooperation. | +-------------------------------------------------------------+
Current thread:
- Blind IP spoofing portscan tool? Curt Wilson (Jun 13)
- Re: Blind IP spoofing portscan tool? matheny (Jun 14)
- Re: Blind IP spoofing portscan tool? Jose Nazario (Jun 14)
- Re: Blind IP spoofing portscan tool? Enrique A. Sanchez Montellano (Jun 15)
- Re: Blind IP spoofing portscan tool? Jose Nazario (Jun 14)
- Re: Blind IP spoofing portscan tool? Enrique A. Sanchez Montellano (Jun 14)
- Re: Blind IP spoofing portscan tool? Chris Winter (Jun 14)
- RE: Blind IP spoofing portscan tool? Filipe Almeida (Jun 15)
- <Possible follow-ups>
- Re: Blind IP spoofing portscan tool? Alberto_Revelli (Jun 14)
- RE: Blind IP spoofing portscan tool? Yonatan Bokovza (Jun 14)
- RE: Blind IP spoofing portscan tool? thomas olofsson (Jun 18)
- What is your policy on customers particapating in a pen test? Joe Klein (Jun 19)
- Re: What is your policy on customers particapating in a pen test? Meritt James (Jun 19)
- RE: What is your policy on customers particapating in a pen test? Ken Pfeil (Jun 21)
- Re: What is your policy on customers particapating in a pen test? GBH (Jun 19)
- Re: What is your policy on customers particapating in a pen test? Jonathan Rickman (Jun 19)
- RE: What is your policy on customers participating in a pen test? Ken Halbeck (Jun 19)
- Re: What is your policy on customers particapating in a pen test? Vanja Hrustic (Jun 20)
- Re: What is your policy on customers particapating in a pen test? Jonathan Rickman (Jun 21)
- What is your policy on customers particapating in a pen test? Joe Klein (Jun 19)
- Re: Blind IP spoofing portscan tool? matheny (Jun 14)