Security Basics mailing list archives

RE: Source port scanning w/nmap?


From: "Rochford, Paul" <paul.rochford () hp com>
Date: Wed, 6 Jul 2005 11:42:14 +0100

Some hosts only allow connections from certain hosts on certain 'source'
ports, like DNS. Can be used to bypass filters. 

Kind Regards,
Paul Rochford 

-----Original Message-----
From: dissolved [mailto:dissolved () comcast net] 
Sent: Sunday, July 03, 2005 11:54 PM
To: 'Johannes Schneider'
Cc: security-basics () securityfocus com
Subject: RE: Source port scanning w/nmap?

Thanks. When you say "some hosts may not allow connections from every
port"... what do you mean? This is where I get confused. What is the
purpose of source port scanning? To just find live hosts? Do you use
ping sweeping in combination with source port scanning?

-----Original Message-----
From: Johannes Schneider [mailto:ichhabekeineemail () gmx net]
Sent: Sunday, July 03, 2005 6:29 PM
To: dissolved
Cc: security-basics () securityfocus com
Subject: Re: Source port scanning w/nmap?


dissolved wrote:
Can someone please assist me with doing source port scanning with
nmap? I've read the MAN page and do not see this switch listed.

Is it --source-port <port number>?

Thanks



Try nmap -sS -g [source port] [more options] [address2scan] as root. You
can't do nmap -cS -g [...] [...] [...].

If I understand it correctly, the source port is the port you use to send
your scan packets to the host. It's useful to scan hosts which don't allow
connections from every port.

greatz Johannes
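
The filter weakness discussed in this thread, as an added example that is not part of the original messages: a stateless rule that trusts source port 53 is compared with a stateful filter that only accepts replies to flows opened from the inside. All addresses, ports, and names are constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    proto: str
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int

# Constructed sample addresses from the RFC 5737 documentation ranges.
INSIDE = "192.0.2.10"       # protected host
RESOLVER = "198.51.100.53"  # DNS server the host really queries
OUTSIDE = "203.0.113.7"     # unrelated external host

def stateless_allows(pkt):
    """Weak rule: accept any inbound packet whose source port is 53."""
    return pkt.dst_ip == INSIDE and pkt.src_port == 53

class StatefulFilter:
    """Accept inbound packets only as replies to flows opened from inside."""
    def __init__(self):
        self.flows = set()

    def outbound(self, pkt):
        # Record the tuple the matching reply must carry.
        self.flows.add((pkt.proto, pkt.dst_ip, pkt.dst_port,
                        pkt.src_ip, pkt.src_port))

    def allows(self, pkt):
        return (pkt.proto, pkt.src_ip, pkt.src_port,
                pkt.dst_ip, pkt.dst_port) in self.flows

def evaluate():
    fw = StatefulFilter()
    fw.outbound(Packet("udp", INSIDE, 40000, RESOLVER, 53))  # real DNS query
    reply = Packet("udp", RESOLVER, 53, INSIDE, 40000)       # its answer
    probe = Packet("tcp", OUTSIDE, 53, INSIDE, 22)           # unsolicited, src port 53
    return {
        "reply": (stateless_allows(reply), fw.allows(reply)),
        "probe": (stateless_allows(probe), fw.allows(probe)),
    }

if __name__ == "__main__":
    for name, (weak, stateful) in evaluate().items():
        print(f"{name}: stateless={weak} stateful={stateful}")
```

The stateless rule cannot tell the DNS answer from the unsolicited packet because the sender chooses the source port; the stateful filter drops the second packet because no inside host opened that flow.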

