Nmap Development mailing list archives
Re: Idle scan
From: Martin Mačok <martin.macok () underground cz>
Date: Thu, 19 May 2005 21:01:32 +0200
On Thu, May 19, 2005 at 06:46:21PM +0200, Pablo Fernández wrote:
Idlescan using zombie 192.168.5.10 (192.168.5.10:80); Class: Incremental
BTW: .10 is a linux 2.6.11-7 kernel and .1 is a linux 2.4.30.
Linux can't be used as idle zombie because it uses independent IP ID sequences per 'peer'. Find some Windows machine for that.
Could someone please let me know if I just had bad luck or this type of scan is obsolete?
IDLE scan is not obsolete. You have to choose the zombie carefuly. Martin Mačok ICT Security Consultant _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev
Current thread:
- Idle scan Pablo Fernández (May 19)
- Re: Idle scan Martin Mačok (May 19)
- Re: Idle scan Kurt Grutzmacher (May 20)
- Re: Idle scan Martin Mačok (May 19)