Re: Blind IP spoofing portscan tool?

[<Alberto_Revelli () mckinsey com>]

Hi Curt,

you are probably referring to hping, written by Antirez, that can perform
spoofed portscans (using the ID field of IP datagrams).

Check out http://www.kyuzz.org/antirez/hping.html for the tool, and

http://www.securityfocus.org/templates/archive.pike?list=1&date=1998-12-15&;
msg=19981218074757.A990 () seclab com

for Antirez's original post about this scanning technique

Hope this helps

Al





Curt Wilson <netw3 () netw3 com>@netw3.com on 13/06/2001 23.04.49

Sent by:  netw3 () netw3 com

To:   pen-test () securityfocus com
cc:    (bcc: Alberto Revelli)
Subject:  Blind IP spoofing portscan tool?

In the mailing for the Black Hat briefings, there is
mention of a "blind IP spoofing portscan tool" or
something along those lines. I'm curious about this
tool, what is it's name and what is the mechanism by
which it works? I'd guess that it's something involving
other elements of the IP stack or some tool that uses
a 3rd party system to check IP ID's, sequence
numbers, ICMP responses or something along those
lines.

I'd be interested to know more information, please
share if you have this knowledge.

PS - I'm moving to Chicago soon and looking for a
good security job, anyone got any leads?

Curt Wilson
netw3 () netw3 com





+-------------------------------------------------------------+
| This message may contain confidential and/or privileged     |
| information.  If you are not the addressee or authorized to |
| receive this for the addressee, you must not use, copy,     |
| disclose or take any action based on this message or any    |
| information herein.  If you have received this message in   |
| error, please advise the sender immediately by reply e-mail |
| and delete this message.  Thank you for your cooperation.   |
+-------------------------------------------------------------+