Penetration Testing mailing list archives

RE: nmap -S option

From: "Philippe Dumont" <philippe.dumont () abovesecurity com>
Date: Thu, 15 Feb 2007 17:10:40 -0500

Baris,

Since you are spoofing your source address, where do you think the
target will reply too? You're actual IP address or the spoofed one? Do
you have control over the spoofed ip address or can you somehow capture
the packets going to the spoofed source? If not then don't spoof your
source ip since you won't be able to get any results back (they will be
sent to the spoofed source which you have no control over).

Now I have a question for you... why are you trying to spoof your
source?

I recommend that you read the following book for a better understand of
the tcp/ip protocol suite: TCP/IP Illustrated Volume I

Happy reading...


-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of Baris Erdogan
Sent: Wednesday, February 14, 2007 4:13 AM
To: pen-test () securityfocus com
Subject: nmap -S option

Hello,

When i use "nmap -sS targetaddress -S spoofaddress -e eth0" command,
nmap does not show open ports at end of scan.
i wanna know whether this is normal case or not. 
do i misuse nmap options?
Because when i use nmap with "nmap -sS targetaddress", nmap shows me
open ports at the end of scan.

Thanks,

Kind regards,
 
Baris Erdogan


 
________________________________________________________________________
____________
Any questions? Get answers on any topic at www.Answers.yahoo.com.  Try
it now.

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.

http://www.cenzic.com/products_services/download_hailstorm.php?camp=7016
00000008bOW
------------------------------------------------------------------------

AVERTISSEMENT CONCERNANT LA CONFIDENTIALITE 

Le present message est a l'usage exclusif du ou des destinataires mentionnes ci-dessus. Son contenu est confidentiel et 
peut etre assujetti au secret professionnel. Si vous avez recu le present message par erreur, veuillez nous en aviser 
immediatement et le detruire en vous abstenant d'en faire une copie, d'en divulguer le contenu ou d'y donner suite.

CONFIDENTIALITY NOTICE

This communication is intended for the exclusive use of the addressee identified above. Its content is confidential and 
may contain privileged information. If you have received this communication by error, please notify the sender and 
delete the message without copying or disclosing it.

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.

http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------

Current thread:

nmap -S option Baris Erdogan (Feb 15)
- Re: nmap -S option Cedric Blancher (Feb 17)
- Re: nmap -S option Matthew Closson (Feb 17)
- Re: nmap -S option Francois Yang (Feb 17)
- RE: nmap -S option Earl Carter (ecarter) (Feb 17)
- RE: nmap -S option Shenk, Jerry A (Feb 17)
- RE: nmap -S option Philippe Dumont (Feb 17)
- Re: nmap -S option pentest (Feb 17)
- Re: nmap -S option Tim (Feb 17)
- Re: nmap -S option Dan Catalin Vasile (Feb 17)
- Re: nmap -S option Peter Kosinar (Feb 17)
- Re: nmap -S option Manuel Arostegui (Feb 17)
- <Possible follow-ups>
- Re: nmap -S option Baris Erdogan (Feb 17)
- Re: nmap -S option bariswinston (Feb 17)