Bugtraq mailing list archives

Re: netscan.org - broadcast ICMP list

From: troy () LTNX NET (Troy Davis)
Date: Sat, 2 Jan 1999 03:15:30 -0800


On Thu, Dec 31, 1998 at 03:22:14PM -0500, fyodor () DHP COM wrote:

On their page they say they are not going to release the scanner they use
to test networks for the problem -- people should use their web query form
instead.  This is unfortunate because the query form (like their database)
seems to only check .0 and .255 addresses.  Also it only seems to do class
'C' addresses, meaning that you have to type in 256 addresses, one at a
time, to do a class 'B'.


We're working on supporting any netmask, both for query size and interval
netmask (ie, 216.39.0.0/16 in /24 subnets).

As to the not allowing > class C searches, that's intentional right now.
We're trying to lessen the impact - on amps and the Internet at large - of
this data.  Someone smurfing with the original top 500 amps could have
saturated (large portions of) any NAP off a DS3.

months nmap has had the capability to locate smurf addresses on your
Nmap can be obtained from http://www.insecure.org/nmap/ .


Yep, neat tool.

Cheers,

Troy Davis

Current thread:

Re: netscan.org - broadcast ICMP list Fyodor (Dec 31)
- Deception Toolkit on SCO root6 (Jan 01)
- nmap can crash microsoft telnetd Tomas Halgas (Jan 02)
- Re: netscan.org - broadcast ICMP list Troy Davis (Jan 02)
- UNIX ELF PARASITES AND VIRUS silvio () BIG NET AU (Jan 02)
- <Possible follow-ups>
- Re: netscan.org - broadcast ICMP list Troy Davis (Dec 31)
- Re: netscan.org - broadcast ICMP list eric lindvall (Dec 31)