Penetration Testing mailing list archives

Re: Raw sockets vs connect() scanning on windows/linux


From: "Robert E. Lee" <robert () outpost24 com>
Date: Mon, 15 Oct 2007 18:21:09 +0200

On Sun, 2007-10-14 at 18:45 -0700, Erin Carroll wrote:
> On the linux side, anyone know which scanners modify the raw socket packet
> creation to craft 60 byte packets to mimic exactly the typical connect()
> packet to get around products which are smart enough to tell the difference
> and change behaviors accordingly?

Unicornscan implements the -W option to mimic different OS's TCP stack
characteristics.  It supports sending as a Cisco Router, OpenBSD,
WindowsXP, FreeBSD, nmap, or Linux stacks by default.

Robert

-- 
Robert E. Lee
Chief Security Officer
Outpost24 - One Step Ahead
http://www.outpost24.com
 
SE Phone: +46 40-627-1650
US Phone: +1 801-924-5902
email: robert () outpost24 com
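
The difference discussed in this thread, seen from the detection side, as an added example that is not part of the original messages or of any tool named in them: it parses the TCP options of an IPv4 SYN and separates an option-less 40-byte SYN from a 60-byte one shaped like a connect() from a Linux stack. The option order in LINUX_CONNECT, the function names and the sample packets are assumptions constructed for illustration.

```python
import struct

OPT_NAMES = {2: "MSS", 3: "WS", 4: "SACK_OK", 8: "TS"}
LINUX_CONNECT = ["MSS", "SACK_OK", "TS", "NOP", "WS"]  # assumed Linux SYN option order

def syn_options(pkt):
    """Return (ip_total_len, [option names]) for an IPv4 TCP SYN, else None."""
    if len(pkt) < 40 or pkt[0] >> 4 != 4 or pkt[9] != 6:
        return None
    ihl = (pkt[0] & 0x0F) * 4
    total_len = struct.unpack("!H", pkt[2:4])[0]
    if ihl < 20 or total_len > len(pkt) or total_len < ihl + 20:
        return None
    tcp = pkt[ihl:total_len]
    doff = (tcp[12] >> 4) * 4
    if tcp[13] & 0x3F != 0x02 or not 20 <= doff <= len(tcp):
        return None  # not a pure SYN, or bad data offset
    names, i = [], 20
    while i < doff and tcp[i] != 0:  # kind 0 ends the option list
        kind = tcp[i]
        if kind == 1:  # NOP is a single padding byte
            names.append("NOP")
            i += 1
            continue
        if i + 1 >= doff or tcp[i + 1] < 2 or i + tcp[i + 1] > doff:
            return None  # truncated or malformed option
        names.append(OPT_NAMES.get(kind, f"opt{kind}"))
        i += tcp[i + 1]
    return total_len, names

def classify(pkt):
    parsed = syn_options(pkt)
    if parsed is None:
        return "not-a-syn"
    total_len, names = parsed
    if not names:
        return "bare-syn"  # 20-byte TCP header only, no stack-like options
    if total_len == 60 and names == LINUX_CONNECT:
        return "linux-connect-like"
    return "other"

def build_syn(options=b""):
    """Constructed sample SYN; checksums are zero and are not validated above."""
    tcp = struct.pack("!HHIIBBHHH", 40000, 80, 1, 0,
                      (5 + len(options) // 4) << 4, 0x02, 5840, 0, 0) + options
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0, 0x4000, 64, 6, 0,
                     bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2]))
    return ip + tcp

SAMPLE_LINUX_OPTS = b"\x02\x04\x05\xb4\x04\x02\x08\x0a" + bytes(8) + b"\x01\x03\x03\x07"
```

A SYN that matches the expected length and option layout is indistinguishable to this check from a real connect(), which is why such a heuristic is only one signal among several.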

