Nmap Development mailing list archives
Re: Invalidating Stealth
From: Martin Mačok <martin.macok () underground cz>
Date: Wed, 5 Oct 2005 13:52:27 +0200
On Tue, Oct 04, 2005 at 10:57:33AM -0500, Crenshaw, Adrian D wrote:
If you use an idle scan (-sI), but don't use -P0, the true scanning IP will be given away because of the ping.
Last time I was experimenting with spoofing the source (through -S and -e, not -sI), TCP pinging was spoofing correctly but ICMP pinging wasn't ... (I have already reported this to the list, w/o an answer) Martin Mačok ICT Security Consultant _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev
Current thread:
- Invalidating Stealth Crenshaw, Adrian D (Oct 04)
- Re: Invalidating Stealth jonathan roeder (Oct 04)
- Re: Invalidating Stealth Martin Mačok (Oct 05)