Nping issue when defining source MAC address

[arman pasha <armanpasha7 () gmail com>]

Hi,
I'm trying to use nping to send packets with spoofed source MAC and IP
address. I'm using the following commands in which the first command tries
to send 50 NTP packets from WAN to the victim and the second command tries
to send 50 outgoing NTP packets from the victim to WAN.

sudo nping --udp --source-port 123 --dest-port 7000 --source-ip 8.8.8.8
--dest-ip <Victim IP> --source-mac <Gateway MAC> --data-length 100 --delay
10ms --interface eth0 --privileged --count 50 --no-capture --hide-sent
--send-eth --debug

sudo nping --udp --source-port 7000 --dest-port 123 --source-ip <Victim IP>
--dest-ip 8.8.8.8 --source-mac <Victim MAC> --data-length 100 --delay 10ms
--interface eth0 --privileged --count 50 --no-capture --hide-sent
--send-eth --debug

I intentionally added --delay 10ms to make sure no packet is lost in the
process.
The problem is that these two commands don't work all the time. To be
accurate, for the first time I run these they work fine but when I try to
run them after about 1 minute, nping only sends the outgoing packets (the
second command). The weird part is that if I wait for about 5 minute and
then run them again, they work fine. So it made me believe that there might
be some sort of cooldown.

Also, there is another weird behaviour which is not the main problem but it
may be related to it; which is if I don't specify --debug it takes much
longer to send the same number of packets. So, basically I understood that
if I use --debug, nping works much faster.


I really appreciate any help for solving the issue.
Thanks in advance.

Arman

_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/