Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: FYI regarding nmap-payloads, Snort evasion, etc.

From: Fyodor <fyodor () insecure org>
Date: Mon, 23 Apr 2012 21:22:33 -0700
On Fri, Apr 20, 2012 at 04:37:27PM -0500, Daniel Miller wrote:


After some thought, I considered implementing an option to turn off 
payloads, listing it under IDS evasion methods. However, after digging 
in the code, I found out that using --data-length 0 would have the exact 
same effect (as far as I am aware).


The man page did mention this, but only in one place.  I've now added
it to another couple places where payloads and --data-length is
discussed.


A few more notes from my testing (which is far from complete):


Thanks for the notes.  I made a personal note to reflect them where
appropriate in the IDS evasion section of the next edition of Nmap
Network Scanning (no availability date set yet).

Let us know if you learn anything else useful from your testing.

Cheers,
Fyodor
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: