Re: decoy scan: no decoy packages

[magnus () linuxtag org (Nils Magnus)]

Re,

On Tue, Dec 14, 2004 at 01:00:06AM +0100, mgrd wrote:
> As I corrected, ofcourse I meant `traceroute'
>
> Craig Humphrey wrote:
> > I don't think 'traceroute' is going to tell you what packets made it to
> > the target... 'tcpdump' perhaps? Or Ethereal? (or some other network
> > sniffer).
>
> Righ, I corrected the typo already..
>
> > Is there anything between your scanning host and the target host?  E.g.
> > routers, firewalls, etc, which might filter out invalid/spoofed traffic.
>
> Both hosts are directly connected to the internet, using a dsl and a 
> analog modem resp., no routers etc.
> On both machines the firewall was down (`iptables -F').

Could you give some more detailed information about that set-up? Have
both systems (target and source) official IP addresses? Are both part of
the same DSL provider? A lot DSP and cable modem providers do a lot of
nasty filtering of traffic they don't rate as appropriate from a leaf
node such as a DSL client.

Regards,

Nils Magnus
Program-Chair LinuxTag 2004 Free Conference Program

LinuxTag 2004: Where .com meets .org - magnus () linuxtag org

---------------------------------------------------------------------
For help using this (nmap-dev) mailing list, send a blank email to 
nmap-dev-help () insecure org . List archive: http://seclists.org