Penetration Testing mailing list archives
Re: Blind IP spoofing portscan tool?
From: "Enrique A. Sanchez Montellano" <enrique.sanchez () defcom com>
Date: Fri, 15 Jun 2001 11:12:38 +0200
This info was taken from our course teacher notes:

2 xterms:

in 1.- hping2 -S -p <port you want to check> -a <machine you are querying> <target> -i u10000
in 2.- hping2 -S -A -p <port .. is optional> <machine you are querying>

The i option is important so you see a nice up instead of just 1 increment, this way you can use machines with not so high traffic. If you see an increase the port is open, if you don't maybe the port is either firewalled or closed (so you can honestly say it is not reachable anyway).

You can beat asymmetric networks this way because of the routing rules. You can also try to spoof the DMZ.
Enrique A. Sanchez Montellano
Chief Technical Officer
Defcom Spain

Jose Nazario wrote:

no, curt's looking for simple nomad's "stealth communications across networks" talk slides and tools:

http://www.sans.org/SANS2001/techcon.htm

i know he was working on a tool, i think it may be announced at BlackHat Vegas/2001.

____________________________
jose nazario jose () cwru edu
PGP: 89 B0 81 DA 5B FD 7E 00 99 C3 B2 CD 48 A0 07 80
PGP key ID 0xFD37F4E5 (pgp.mit.edu)
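
Added example (not part of the original message or thread): a defender-side check for the traffic the procedure above leaves at the queried machine, namely SYN/ACKs arriving that answer no SYN the machine ever sent. The addresses, the packet tuple layout and the function name unsolicited_synacks are assumptions made for this example, and the capture is constructed.

```python
from collections import defaultdict

HOST = "10.0.0.5"  # constructed address of the machine being queried

# Constructed capture at HOST's network edge:
# (time_s, src, dst, sport, dport, flags) with flags "S" = SYN, "SA" = SYN/ACK
PACKETS = [
    (0.00, HOST, "192.0.2.80", 40000, 443, "S"),   # HOST opens a real connection
    (0.02, "192.0.2.80", HOST, 443, 40000, "SA"),  # solicited reply, not counted
    (0.50, "192.0.2.99", HOST, 25, 31000, "SA"),   # single stray packet
]
# Steady SYN/ACK probes sent straight to HOST (the second xterm in the message)
PACKETS += [(1.0 + i, "198.51.100.7", HOST, 2000 + i, 0, "SA") for i in range(5)]
# SYN/ACKs from a third party answering SYNs that carried HOST's address as
# source but that HOST never sent (the first xterm, seen from HOST's side)
PACKETS += [(2.0 + 0.01 * i, "203.0.113.9", HOST, 80, 3000 + i, "SA")
            for i in range(4)]


def unsolicited_synacks(packets, host, threshold=3):
    """Return {peer: count} for peers that sent `host` at least `threshold`
    SYN/ACKs which match no SYN previously sent by `host`."""
    pending = set()            # (peer, host_port, peer_port) of SYNs host sent
    counts = defaultdict(int)
    for _, src, dst, sport, dport, flags in sorted(packets):
        if src == host and flags == "S":
            pending.add((dst, sport, dport))
        elif dst == host and flags == "SA":
            key = (src, dport, sport)
            if key in pending:
                pending.discard(key)   # handshake reply to a real SYN
            else:
                counts[src] += 1       # host will answer this with a RST
    return {peer: n for peer, n in counts.items() if n >= threshold}


if __name__ == "__main__":
    for peer, n in sorted(unsolicited_synacks(PACKETS, HOST).items()):
        print(f"{peer}: {n} unsolicited SYN/ACKs to {HOST}")
```

Both flagged peers are worth a look: the one sending at a steady rate is reading the host's replies directly, while the other is a machine that received SYNs carrying the host's address as their source.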
Current thread:
- Blind IP spoofing portscan tool? Curt Wilson (Jun 13)
- Re: Blind IP spoofing portscan tool? matheny (Jun 14)
- Re: Blind IP spoofing portscan tool? Jose Nazario (Jun 14)
- Re: Blind IP spoofing portscan tool? Enrique A. Sanchez Montellano (Jun 15)
- Re: Blind IP spoofing portscan tool? Jose Nazario (Jun 14)
- Re: Blind IP spoofing portscan tool? Enrique A. Sanchez Montellano (Jun 14)
- Re: Blind IP spoofing portscan tool? Chris Winter (Jun 14)
- RE: Blind IP spoofing portscan tool? Filipe Almeida (Jun 15)
- <Possible follow-ups>
- Re: Blind IP spoofing portscan tool? Alberto_Revelli (Jun 14)
- RE: Blind IP spoofing portscan tool? Yonatan Bokovza (Jun 14)
- RE: Blind IP spoofing portscan tool? thomas olofsson (Jun 18)
- What is your policy on customers particapating in a pen test? Joe Klein (Jun 19)
- Re: What is your policy on customers particapating in a pen test? Meritt James (Jun 19)
- RE: What is your policy on customers particapating in a pen test? Ken Pfeil (Jun 21)
- Re: What is your policy on customers particapating in a pen test? GBH (Jun 19)
- What is your policy on customers particapating in a pen test? Joe Klein (Jun 19)
- Re: Blind IP spoofing portscan tool? matheny (Jun 14)