Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Rookie question about differences between -S and -sI option

From: Tim <tim-pentest () sentinelchicken org>
Date: Mon, 13 Feb 2006 23:58:38 -0500
Hello,


In terms of probing IPs which is the difference between scanning an host 
spoofing the source IP via -S option or scanning through an idle scan via 
the -sI option beside perspetive of course ?

I performed a normal -sS scan and later I issued the same command and 
option using also -S but despiting the fact the command started correctly I 
had no results even if the spoofed IP was online. Do you have an idea what 
I am missing ?



If you haven't read these yet, I suggest you do:
  http://seclists.org/lists/bugtraq/1998/Dec/0079.html
  http://www.insecure.org/nmap/idlescan.html


HTH,
tim

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner: 

Hackers are concentrating their efforts on attacking applications on your 
website. Up to 75% of cyber attacks are launched on shopping carts, forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are 
futile against web application hacking. Check your website for vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before hackers do! 
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: