Nmap Development mailing list archives
Re: Nmap 6.45 Informal Release
From: Daniel Miller <bonsaiviking () gmail com>
Date: Mon, 14 Apr 2014 10:29:08 -0500
On 04/13/2014 07:24 AM, Patrik Karlsson wrote:
I was having success with 0x0fe9 to a large extent as well in the request until the emails yesterday where it was pointed out that it didn't work against the CloudFlare challenge. I tried my initial commit and it did work up until the 0x4000 was replaced.
I did a quick binary search, and the minimum required to get a response from CloudFlare is 0x3fe9. This is so close to 0x4000 as to be indistinguishable regarding network impact, so let's stick with the 0x4000
I think as long as we don't make it a default script, IDS evasion can be left as an exercise to the user. I fully support the script as it currently stands.Personally, I'm less concerned about IDS detection than false negatives. We could make the default 0x4000 and allow changing it with an argument?-Patrik
Dan _______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Nmap 6.45 Informal Release Fyodor (Apr 12)
- Re: Nmap 6.45 Informal Release Patrik Karlsson (Apr 13)
- Re: Nmap 6.45 Informal Release Daniel Miller (Apr 13)
- Re: Nmap 6.45 Informal Release Patrik Karlsson (Apr 13)
- Re: Nmap 6.45 Informal Release Daniel Miller (Apr 14)
- Re: Nmap 6.45 Informal Release Daniel Miller (Apr 13)
- Re: Nmap 6.45 Informal Release Patrik Karlsson (Apr 13)
- Re: Nmap 6.45 Informal Release - citrixxml.lua accidental tarpit Tom Sellers (Apr 13)
- Re: Nmap 6.45 Informal Release - citrixxml.lua accidental tarpit Patrik Karlsson (Apr 13)
- Re: Nmap 6.45 Informal Release - citrixxml.lua accidental tarpit Tom Sellers (Apr 13)
- Re: Nmap 6.45 Informal Release - citrixxml.lua accidental tarpit Patrik Karlsson (Apr 13)