Penetration Testing mailing list archives
RE: nmap -S option
From: "Philippe Dumont" <philippe.dumont () abovesecurity com>
Date: Thu, 15 Feb 2007 17:10:40 -0500
Baris, Since you are spoofing your source address, where do you think the target will reply too? You're actual IP address or the spoofed one? Do you have control over the spoofed ip address or can you somehow capture the packets going to the spoofed source? If not then don't spoof your source ip since you won't be able to get any results back (they will be sent to the spoofed source which you have no control over). Now I have a question for you... why are you trying to spoof your source? I recommend that you read the following book for a better understand of the tcp/ip protocol suite: TCP/IP Illustrated Volume I Happy reading... -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Baris Erdogan Sent: Wednesday, February 14, 2007 4:13 AM To: pen-test () securityfocus com Subject: nmap -S option Hello, When i use "nmap -sS targetaddress -S spoofaddress -e eth0" command, nmap does not show open ports at end of scan. i wanna know whether this is normal case or not. do i misuse nmap options? Because when i use nmap with "nmap -sS targetaddress", nmap shows me open ports at the end of scan. Thanks, Kind regards, Baris Erdogan ________________________________________________________________________ ____________ Any questions? Get answers on any topic at www.Answers.yahoo.com. Try it now. ------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php?camp=7016 00000008bOW ------------------------------------------------------------------------ AVERTISSEMENT CONCERNANT LA CONFIDENTIALITE Le present message est a l'usage exclusif du ou des destinataires mentionnes ci-dessus. Son contenu est confidentiel et peut etre assujetti au secret professionnel. Si vous avez recu le present message par erreur, veuillez nous en aviser immediatement et le detruire en vous abstenant d'en faire une copie, d'en divulguer le contenu ou d'y donner suite. CONFIDENTIALITY NOTICE This communication is intended for the exclusive use of the addressee identified above. Its content is confidential and may contain privileged information. If you have received this communication by error, please notify the sender and delete the message without copying or disclosing it. ------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW ------------------------------------------------------------------------
Current thread:
- nmap -S option Baris Erdogan (Feb 15)
- Re: nmap -S option Cedric Blancher (Feb 17)
- Re: nmap -S option Matthew Closson (Feb 17)
- Re: nmap -S option Francois Yang (Feb 17)
- RE: nmap -S option Earl Carter (ecarter) (Feb 17)
- RE: nmap -S option Shenk, Jerry A (Feb 17)
- RE: nmap -S option Philippe Dumont (Feb 17)
- Re: nmap -S option pentest (Feb 17)
- Re: nmap -S option Tim (Feb 17)
- Re: nmap -S option Dan Catalin Vasile (Feb 17)
- Re: nmap -S option Peter Kosinar (Feb 17)
- Re: nmap -S option Manuel Arostegui (Feb 17)
- <Possible follow-ups>
- Re: nmap -S option Baris Erdogan (Feb 17)
- Re: nmap -S option bariswinston (Feb 17)