RV: nmap -S option

[Isidro Ramón Labrador Rodríguez <irlabrador () gmv com>]

> From nmap web site (www.insecure.org) :"Another possible use of this flag (-S) is to spoof the scan to make the 
> targets think that someone else is scanning them. Imagine a company being repeatedly port scanned by a competitor! The 
> -e option and -P0 are generally required for this sort of usage. Note that you usually won't receive reply packets 
> back (they will be addressed to the IP you are spoofing), so Nmap won't produce useful reports" 

Best Regarrds
________________________________

                 


Isidro R. Labrador Rodríguez

Consultor de Seguridad

Auditoría y Planificación de Seguridad

Security Consultant

Security Audit and Planning Division

         


GMV SOLUCIONES
GLOBALES INTERNET, S.A.
Isaac Newton, 11
P.T.M. Tres Cantos
E-28760 Madrid
Tel. +34 91 806 16 00
Fax +34 91 806 16 99
www.gmv.com


-----Mensaje original-----
De: listbounce () securityfocus com [mailto:listbounce () securityfocus com] En nombre de Baris Erdogan Enviado el: 
miércoles, 14 de febrero de 2007 10:13
Para: pen-test () securityfocus com
Asunto: nmap -S option

Hello,

When i use "nmap -sS targetaddress -S spoofaddress -e eth0" command, nmap does not show open ports at end of scan.
i wanna know whether this is normal case or not. 
do i misuse nmap options?
Because when i use nmap with "nmap -sS targetaddress", nmap shows me open ports at the end of scan.

Thanks,

Kind regards,
 
Baris Erdogan


 
____________________________________________________________________________________
Any questions? Get answers on any topic at www.Answers.yahoo.com.  Try it now.

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.

http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------


______________________
Este mensaje, y en su caso, cualquier fichero anexo al mismo,
 puede contener informacion clasificada por su emisor como confidencial
 en el marco de su Sistema de Gestion de Seguridad de la 
Informacion siendo para uso exclusivo del destinatario, quedando 
prohibida su divulgacion copia o distribucion a terceros sin la 
autorizacion expresa del remitente. Si Vd. ha recibido este mensaje 
 erroneamente, se ruega lo notifique al remitente y proceda a su borrado. 
Gracias por su colaboracion.
______________________
This message including any attachments may contain confidential 
information, according to our Information Security Management System,
 and intended solely for a specific individual to whom they are addressed.
 Any unauthorised copy, disclosure or distribution of this message
 is strictly forbidden. If you have received this transmission in error,
 please notify the sender immediately and delete it.
______________________

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.

http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------