Nmap Announce mailing list archives
nmap's "-S" option and linux SAV
From: tech_related () ip pt
Date: Sat, 15 Jul 2000 23:57:59 GMT
Hello, I've noticed that on my network nmap 2.53, when run with the command nmap -sS -e ppp0 -S [false IP] [target] completely bypasses the Source Address Verification built into the linux kernel and activaded via for f in /proc/sys/net/ipv4/conf/*/rp_filter; do echo 1 > $f done in the firewall script I use. Does the kernel's SAV always prove incapable of blocking nmap's scans using spoofed packets? Or am I missing something? Cheers, Manuel PS: This must be a typical newbie question, but I really couldn't figure this out all by myself: nmap -sU -P0 -e ppp0 1-1024 192.168.0.2 resulted in Allt 1024 scanned ports on 192.168.0.2 are: filtered but (for example) nmap -sU P0 -e ppp0 1 192.168.0.2 outputs "port 1, state open" (the same happened with all the ports in the 1-1024 range I cared to try). Does "open" mean the same as "filtered" in this context?
Current thread:
- nmap's "-S" option and linux SAV tech_related (Jul 15)
- Re: nmap's "-S" option and linux SAV Fyodor (Jul 15)
- Re: nmap's "-S" option and linux SAV Michel Arboi (Jul 17)