Nmap Development mailing list archives

Re: [SINGLEWORD] suggestion


From: Brandon Enright <bmenrigh () ucsd edu>
Date: Fri, 17 Oct 2008 20:34:58 +0000


On Fri, 17 Oct 2008 14:02:24 +0000
"gusage ." <gusage () hotmail com> wrote:


  Hi,

  what I report here is not a bug or a crash but an idea to improve a
little this yet great tool. I've noticed that when scanning with a
spoofed source IP, nmap does not generate any report because,
obviously, the response packets are sent to another computer. My
suggestion is, provided that we are in a wireless LAN and the spoofed
IP corresponds to a machine on the same LAN, it is feasible to get
those response packets simply by setting the device in promiscuous
mode. I don't know if it is a common situation, but I have
experienced it. Gerard.

If you are spoofing from a local segment you can just change your MAC
and IP to that of the spoofed machine, turn on your firewall, and scan
from that new IP.  This isn't "spoofing" at the Nmap level but at the
OS level.  If done properly, it isn't detectable and has the advantage
that you will get the results.

Brandon

