Penetration Testing mailing list archives

Re: Rookie question about differences between -S and -sI option


From: Marius Huse Jacobsen <mahuja () c2i net>
Date: Tue, 14 Feb 2006 00:26:32 +0100

Mark Fosseth wrote:

| In terms of probing IPs, what is the difference between scanning a host
| spoofing the source IP via -S option or scanning through an idle scan
| via the -sI option, besides perspective of course?

| I performed a normal -sS scan and later I issued the same command and
| option using also -S, but despite the fact the command started
| correctly I had no results even if the spoofed IP was online. Do you
| have an idea what I am missing?

-S sets the "self" address, -sI sets an "idlehost" address. And there's
the "target" address.

In a -sS scan, it sends packets [from self to target], and tries to read
for any [target to self] packets. The returning packets must pass by
your interface(s) on their way to the "self" address.

In a -sI scan, it sends packets [from idle to target] and [self to
idle]. It never registers [target to idle] replies, but tries to detect
them based on what it finds in the [idle to self] replies.


Rookie... Shouldn't last too long, I hope. :P


M.
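The three packet paths described in the reply above, as an added toy model (not part of the original post and not Nmap code): no packets are sent, and the host labels, port set and starting IP ID are constructed. It assumes the idle host uses one globally incrementing IP ID, which is the property Nmap's idle scan reads from the [idle to self] replies; the post does not name that mechanism.

```python
# Toy model (no network I/O) of the three roles named in the post: self, idle, target.
# Constructed sample data: host names are labels, OPEN_PORTS is made up.
OPEN_PORTS = {22, 80}

class Host:
    """Minimal TCP responder with one global, incrementing IP ID counter (assumption)."""
    def __init__(self, name, open_ports=()):
        self.name, self.open_ports, self.ip_id = name, set(open_ports), 1000

    def receive(self, src, flags, port=0):
        """Return the reply packet as (src, dst, flags, ip_id), or None."""
        if flags == "SYN":
            reply = "SYN/ACK" if port in self.open_ports else "RST"
        elif flags == "SYN/ACK":
            reply = "RST"          # an unsolicited SYN/ACK is answered with RST
        else:
            return None            # an incoming RST gets no answer
        self.ip_id += 1            # every packet sent consumes one IP ID
        return (self.name, src, reply, self.ip_id)

def seen_by_self(packet):
    """The scanner only sees replies that are routed to its own address."""
    return packet if packet and packet[1] == "self" else None

def syn_scan(target, port, source="self"):
    """-sS, optionally with -S: the reply goes to whatever source was claimed."""
    reply = seen_by_self(target.receive(source, "SYN", port))
    if reply is None:
        return "no result"         # [target to spoofed address] never reaches self
    return "open" if reply[2] == "SYN/ACK" else "closed"

def idle_scan(target, idle, port):
    """-sI: infer the [target to idle] reply from two [idle to self] replies."""
    before = seen_by_self(idle.receive("self", "SYN/ACK"))[3]
    reply = target.receive(idle.name, "SYN", port)   # SYN sent as [idle to target]
    idle.receive(target.name, reply[2])              # [target to idle], unseen by self
    after = seen_by_self(idle.receive("self", "SYN/ACK"))[3]
    return "open" if after - before == 2 else "closed|filtered"

def demo():
    target, idle = Host("target", OPEN_PORTS), Host("idle")
    return {
        "sS": [syn_scan(target, p) for p in (22, 81)],
        "sS_spoofed": [syn_scan(target, p, source="idle") for p in (22, 81)],
        "sI": [idle_scan(target, idle, p) for p in (22, 81)],
    }

if __name__ == "__main__":
    print(demo())
```

The `sS_spoofed` row reproduces the "no results" outcome from the question: the target answers, but to the spoofed address, so nothing returns to the scanner's interface.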
