Nmap Development mailing list archives

Re: Scan via alternate gateway

From: Chris Frederick <cdf123 () cdf123 net>
Date: Tue, 23 Dec 2014 10:03:09 -0600

Thanks, sounds like -g and policy routing with iptables sounds like it would have worked.

Unfortunately, I think I backed myself into a corner on this one. Kernel was built without CONFIG_IP_MULTIPLE_TABLES or CONFIG_NF_NAT. :( Sosince I'll have to kick people off the server either way, I'll probably just do some 'ip route add/del' commands to switch between the twogateways quick.


Thanks for the tips though.

On 12/22/14 17:44, Jacek Wielemborek wrote:

W dniu 22.12.2014 o 23:59, Robin Wood pisze:

A quick thought, can you force nmap to use a fixed source port then
set up iptables to route anything from that source port through the
alternative gateway?

Robin


Yes, that should be possible using the -g option:

http://nmap.org/book/man-bypass-firewalls-ids.html#idm214689320608

As for the second part of the question, have a look here:

http://serverfault.com/q/225185/143824




_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/


_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/

Current thread:

Scan via alternate gateway Chris Frederick (Dec 22)
- Re: Scan via alternate gateway Robin Wood (Dec 22)
  - Re: Scan via alternate gateway Jacek Wielemborek (Dec 22)
    - Re: Scan via alternate gateway Chris Frederick (Dec 23)
    - Re: Scan via alternate gateway Robin Wood (Dec 23)
    - Re: Scan via alternate gateway Chris Frederick (Dec 23)