Nmap Development mailing list archives
Suggestion - IDS/IPS detection.
From: jah <jah () zadkiel plus com>
Date: Mon, 18 Jun 2007 22:49:27 +0100
Often, scanning a target will trigger some sort of prevention system and the target drops all packets from the nmap host from that point onwards. Sometimes the target will also put into effect a lockout period during which all packets from the nmap host are dropped. I'd like to see nmap respond to such filtering where the target has previously responded to one or more probes. It could do that perhaps, by periodically pinging a known open port, after a certain time has elapsed during which the target has not responded. Any nmap output might then reflect that a previously known open port has ceased to respond along with an approximate time (perhaps a window between a successful and an unsuccessful ping) of cessation. _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- Suggestion - IDS/IPS detection. jah (Jun 18)
- Re: Suggestion - IDS/IPS detection. Arturo 'Buanzo' Busleiman (Jun 18)