Penetration Testing mailing list archives
Re: NMAP Concurrent Scans
From: Tim <tim-pentest () sentinelchicken org>
Date: Fri, 10 Aug 2007 13:46:12 -0400
I was wondering whether running SYN, FIN, XMAS, NULL and ACK scans in parallel on a target generate false results. Since same client IP is asking for opening & closing a connection on target machine will it not render some ports open and other closed in the report?
Assuming nmap is using random source ports (which it does by default), even if you're scanning the same port, it's relatively unlikely the 4-tuple (source ip, dest ip, source port, dest port) will be identical. Remember, this 4-tuple is what uniquely indentifies a connection. HTH, tim ------------------------------------------------------------------------ This list is sponsored by: Cenzic Need to secure your web apps NOW? Cenzic finds more, "real" vulnerabilities fast. Click to try it, buy it or download a solution FREE today! http://www.cenzic.com/downloads ------------------------------------------------------------------------
Current thread:
- NMAP Concurrent Scans Clone (Aug 10)
- Re: NMAP Concurrent Scans Burak CIFTER (Aug 11)
- Re: NMAP Concurrent Scans Tim (Aug 11)
- Re: NMAP Concurrent Scans rajat swarup (Aug 11)