Nmap Development mailing list archives
RE: Sniffing nmap output
From: "Sean Warnock" <swarnock () warnocksolutions com>
Date: Sun, 5 Dec 2004 08:59:18 -0800
I don't see why not. You would need to be on the same network segment to do this. You might take a look at the Idle Scan option (-sI) instead as it is fairly sneaky and would not require a host on the same segment in promiscuous mode. Take a look at the write-ups posted about Idle Scanning; http://www.insecure.org/nmap/idlescan.html -----Original Message----- From: W S N [mailto:woodenshoe () gmail com] Sent: Sunday, December 05, 2004 7:07 AM To: nmap-dev () insecure org Subject: Sniffing nmap output I'm curious if anyone has ever tried to identify nmap query or response packets promiscuously off a wire? Could one identify other people running scans, or even identify the results of someone else's scan? For instance, I might be able to passively learn the ports or operating system of a system that someone else scanned. Any thoughts? --------------------------------------------------------------------- For help using this (nmap-dev) mailing list, send a blank email to nmap-dev-help () insecure org . List archive: http://seclists.org --------------------------------------------------------------------- For help using this (nmap-dev) mailing list, send a blank email to nmap-dev-help () insecure org . List archive: http://seclists.org
Current thread:
- Sniffing nmap output W S N (Dec 05)
- Re: Sniffing nmap output Martin Mačok (Dec 05)
- <Possible follow-ups>
- RE: Sniffing nmap output Sean Warnock (Dec 05)