Nmap Development mailing list archives
Re: Using TTL value of response packets on nmap port scans.
From: David Fifield <david () bamsoftware com>
Date: Fri, 13 Apr 2012 14:53:27 -0700
On Sat, Apr 14, 2012 at 12:27:22AM +0300, Otto Airamo wrote:
Actually: http://nmap.org/nsedoc/scripts/firewalk is not really doing same thing as there TTL value of scanner host is alternated. In my idea scanner does not change anything compared to regular scan. It is just using result of the TTL value target host is sending. I believe that --badsum option is actually closer to behavior that I am proposing. Main benefit with my proposal is that behavior outside of the nmap does not need to change. There is no need to send any extra packets to detect situation I descript in previous emails. That was the main thing that I wanted to bring out this idea. I wanted to get some comments if this would give some real added value in real life scenarios. TTL value would be trivial to add to nmap output with some new flag. Would you add this to mainstream if patch would be provided? If you see that this does not add any value in real life scenarios, let's not add just one more "use-only-in-a-lab" command line parameter.
I personally don't think it adds enough value to be added as a new feature. But if other people on the mailing list think differently, then I'm willing to look at a patch. David Fifield _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Using TTL value of response packets on nmap port scans. Otto Airamo (Apr 11)
- Re: Using TTL value of response packets on nmap port scans. David Fifield (Apr 11)
- Re: Using TTL value of response packets on nmap port scans. Otto Airamo (Apr 12)
- Re: Using TTL value of response packets on nmap port scans. David Fifield (Apr 12)
- Re: Using TTL value of response packets on nmap port scans. Otto Airamo (Apr 14)
- Re: Using TTL value of response packets on nmap port scans. David Fifield (Apr 13)
- Re: Using TTL value of response packets on nmap port scans. Otto Airamo (Apr 12)
- Re: Using TTL value of response packets on nmap port scans. David Fifield (Apr 11)