Nmap Development mailing list archives
Re: [SINGLEWORD] suggestion
From: Brandon Enright <bmenrigh () ucsd edu>
Date: Fri, 17 Oct 2008 20:34:58 +0000
On Fri, 17 Oct 2008 14:02:24 +0000 "gusage ." <gusage () hotmail com> wrote:
> Hi, what I report here is not a bug or a crash but an idea to improve this already great tool a little.
>
> I've noticed that when scanning with a spoofed source IP, nmap does not generate any report because, obviously, the response packets are sent to another computer.
>
> My suggestion is, provided that we are in a wireless LAN and the spoofed IP corresponds to a machine on the same LAN, it is feasible to get those response packets simply by setting the device in promiscuous mode.
>
> I don't know if it is a common situation, but I have experienced it.
>
> Gerard.

If you are spoofing from a local segment you can just change your MAC and IP to that of the spoofed machine, turn on your firewall, and scan from that new IP. This isn't "spoofing" at the Nmap level but at the OS level. If done properly, it isn't detectable and has the advantage that you will get the results.

Brandon

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org