Re: Safe scanning

["Jonathan Day" <jd9812 () my-Deja com>]

On Tue, 21 Mar 2000 21:33:03   Teolicy wrote:
> #include <stdthanks.h> // to Fyodor the man

In which case, that leaves me with:

#include <non/stdthanks.h>

<snip>

> Alek O.K.'s recent post (subj: "Setting nmap
> host_timeout too low may cause DoS on inetd
> (?)") kinda spooked me.

<snip>

Teolicy's question reminded me of something I have been meaning to ask, for some time. Is there any way of striping an 
nmap scan across a range of hosts?

(In other words, instead of sending a whole load of scans to one host, then moving on to the next, run the first scan 
on each in turn, followed by the second, etc.)

I really should dig through the code more thoroughly before asking such dumb questions, as there probably -is- a way to 
do that.

It just seems that it would solve the DoS problem, at least for wide-area scans. It might also duck under more 
primitive threshold-based IDS systems. (IMHO, if an IDS system can't spot a striped scan, it's just wasting resources.)




--== Sent via Deja.com http://www.deja.com/ ==--
Share what you know. Learn what you don't.