Nmap Development mailing list archives
RE: decoys and limiting outbound RST packets
From: robert () dyadsecurity com
Date: Wed, 5 Jan 2005 23:16:57 -0800
Greetings Nmap-dev team, As an fyi, the unicornscan people have run into this issue of RST's coming from the kernel in response to connections it didn't initiate. For normal syn-scanning this doesn't bother you much, but it really gets annoying when you're actually trying to complete the 3-way handshake (we statelessly keep track of state all via raw sockets). Anyhow .. our solution for this was the brainchild of Kiki (ghost () rapturesecurity org - inspired by one of the Fanta commercials.. don't ask) was to have another program respond to arp requests on a particular interface without having to bother the kernel with the new IP assignment. This tool is called fantaip and comes with the current public release of unicornscan (unicornscan.org). The reason this may be interesting to the nmap folks is that it also works with nmap's -S option. Example: fantaip eth0 192.168.1.1 nmap -S 192.168.1.1 www.google.com -p80 etc etc etc Anyhow, if you have any questions, please feel free to contact us. Robert -- Robert E. Lee CTO, Dyad Security, Inc. W - http://www.dyadsecurity.com E - robert () dyadsecurity com M - (949) 394-2033 --------------------------------------------------------------------- For help using this (nmap-dev) mailing list, send a blank email to nmap-dev-help () insecure org . List archive: http://seclists.org
Current thread:
- decoys and limiting outbound RST packets Michael Rash (Jan 01)
- Re: decoys and limiting outbound RST packets Slarty (Jan 02)
- Re: decoys and limiting outbound RST packets Martin Mačok (Jan 02)
- Re: decoys and limiting outbound RST packets Michael Rash (Jan 02)
- Re: decoys and limiting outbound RST packets Martin Mačok (Jan 02)
- Re: decoys and limiting outbound RST packets Michael Rash (Jan 02)
- Re: decoys and limiting outbound RST packets Martin Mačok (Jan 03)
- Re: decoys and limiting outbound RST packets Martin Mačok (Jan 02)
- Re: decoys and limiting outbound RST packets Slarty (Jan 02)
- Re: decoys and limiting outbound RST packets Michael Rash (Jan 02)
- <Possible follow-ups>
- RE: decoys and limiting outbound RST packets robert (Jan 05)