Nmap Development mailing list archives

Re: decoy scan: no decoy packages

From: mgrd <subscriptions () gerdau freeshell org>
Date: Tue, 14 Dec 2004 01:15:27 +0100

Nils Magnus wrote:

Craig Humphrey wrote:

[..]

Is there anything between your scanning host and the target host?  E.g.
routers, firewalls, etc, which might filter out invalid/spoofed traffic.
Both hosts are directly connected to the internet, using a dsl and aanalog modem resp., no routers etc.
On both machines the firewall was down (`iptables -F').



Could you give some more detailed information about that set-up? Have
both systems (target and source) official IP addresses? Are both part of
the same DSL provider? A lot DSP and cable modem providers do a lot of
nasty filtering of traffic they don't rate as appropriate from a leaf
node such as a DSL client.


Hmm, hard to say except:
- both systems have public/official IP addresses
- using different providers (target: dsl ; source: analog-dialup)

I think I'll run the same on a local network on the same segment.

---------------------------------------------------------------------

For help using this (nmap-dev) mailing list, send a blank email tonmap-dev-help () insecure org . List archive: http://seclists.org

Current thread:

decoy scan: no decoy packages mgrd (Dec 13)
- <Possible follow-ups>
- Re: decoy scan: no decoy packages mgrd (Dec 13)
- RE: decoy scan: no decoy packages Craig Humphrey (Dec 13)
  - Re: decoy scan: no decoy packages mgrd (Dec 13)
    - Re: decoy scan: no decoy packages Nils Magnus (Dec 13)
    - Re: decoy scan: no decoy packages mgrd (Dec 13)
- RE: decoy scan: no decoy packages Craig Humphrey (Dec 13)
  - RE: decoy scan: no decoy packages Gary Bunker (Dec 14)