Nmap Announce mailing list archives

Camouflaging Nmap Scans


From: Fyodor <fyodor () insecure org>
Date: Tue, 22 Jul 2003 12:52:26 -0700

There is a brief but reasonably good article at HackInTheBox that
describes several Nmap stealth scanning techniques.  The URL is
http://www.hackinthebox.org/article.php?sid=10640 .  I just want to
add a couple comments:

o He suggests running a sniffer while Nmap runs to determine what Nmap
  is doing.  That is a fine suggestion, but an alternative is to use
  the Nmap --packet_trace option which displays the packets it sends &
  receives.

o He doesn't go into or reference the nifty & ultra-stealthy Idle
  scan: http://www.insecure.org/nmap/idlescan.html

Here is the intro:

It's a boring Friday evening - mortals with brains the size of peanuts
fill up the local joint exposing whatever is left of their gray matter
to the savageness of fermented glucose whilst my DNA donors enjoy the
comforts of the flickering images emitted by the crude cathode ray.

I decide to do something productive and as always, end up seated on my
cat-torn chair staring hypnotically at yet another cathode ray of a
much finer resolution. It's time to fire up my favourite tool and do
some poking around. It is indeed odd how my idea of a perfect Friday
night is spent cruising along electronic waves, woven and intertwined
so perfectly as to permit transport from any one point to another. Ah
the wonders of the world wide web. Enough ranting for now then! Let's
get down and dirty.

[ More at http://www.hackinthebox.org/article.php?sid=10640 ]

Cheers,
Fyodor

--------------------------------------------------
For help using this (nmap-hackers) mailing list, send a blank email to 
nmap-hackers-help () insecure org . List run by ezmlm-idx (www.ezmlm.org).

