On Sat, Jun 07, 2003 at 05:25:02PM -0400, Renaud Deraison wrote:
> things like portsentry and all), as the checks would establish a
> connection from different source IP addresses (and this is mostly why I
> find it interesting to implement it).
Okay, I committed a patch in CVS.
Usage :
nessusd -S <ip[,ip2, ...]>
ie:
nessusd -S 192.168.1.1
will force all the connections made by nessusd to come from 192.168.1.1.
nessusd -S 192.168.1.1,192.168.1.2,192.168.1.3,192.168.1.4
will randomly cycle through the list of IPs when establishing a
connection - ie: the remote host will be tested from four different IPs.
Note that each plugin always uses the same source IP, so a whole port
scan will come from the same IP (I did this to avoid breaking checks
which make multiple connections to the remote host [ie: ftp ])
Before anyone asks :
- This _requires_ having a (virtual) network interface bound to each IP
address given in the list passed to -S. You cannot do :
nessusd -S 1.2.3.4
and hope to have a security audit done anonymously. Also note
that usually, your operating system is very good at determining which
IP address should be used when scanning a host, so don't use this
feature except if you are sure you know what you're doing.
- Under Linux, you can create virtual interfaces by doing :
ifconfig ethN:M <ip>
ie:
ifconfig eth0:0 192.168.1.1
ifconfig eth0:1 192.168.1.2
...
- Under a BSD system, you need to do :
ifconfig <iface> alias <ip> netmask 255.255.255.255
ie:
ifconfig rl0 alias 192.168.1.1 netmask 255.255.255.255
ifconfig rl0 alias 192.168.1.2 netmask 255.255.255.255
...
-- Renaud
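
A pre-flight check for the interface requirement described in the message, as an added example that is not part of the original post or of nessusd's code: it tries to bind() a socket to each address in a -S style list and reports the ones no local interface carries. The function names are hypothetical, and 192.0.2.1 is a constructed sample from the documentation range.

```c
#include <arpa/inet.h>
#include <errno.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* 1 = bound to a local interface, 0 = bind refused, -1 = not an IPv4 address */
int source_ip_usable(const char *ip)
{
    struct sockaddr_in sa;
    int fd, ok;
    memset(&sa, 0, sizeof(sa));
    sa.sin_family = AF_INET;              /* sin_port stays 0: kernel picks */
    if (inet_pton(AF_INET, ip, &sa.sin_addr) != 1)
        return -1;
    if ((fd = socket(AF_INET, SOCK_STREAM, 0)) < 0)
        return 0;
    /* bind() before connect() pins the source address; it fails with
     * EADDRNOTAVAIL when no interface carries the address. */
    ok = bind(fd, (struct sockaddr *)&sa, sizeof(sa)) == 0;
    close(fd);
    return ok;
}

/* Count entries of a comma-separated -S list that cannot be used as a source. */
int count_unusable(const char *list)
{
    char ip[64];
    int bad = 0;

    while (*list) {
        size_t n = strcspn(list, ",");
        snprintf(ip, sizeof(ip), "%.*s", (int)n, list);
        int r = n ? source_ip_usable(ip) : 1;   /* skip empty entries */
        if (r != 1) {
            fprintf(stderr, "%s: %s\n", ip, r < 0 ? "not an IPv4 address" : strerror(errno));
            bad++;
        }
        list += n + (list[n] == ',');
    }
    return bad;
}

int main(int argc, char **argv)
{   /* default list is constructed: loopback plus a documentation-range IP */
    return count_unusable(argc > 1 ? argv[1] : "127.0.0.1,192.0.2.1") ? 1 : 0;
}
```

Run it with the same list you intend to pass to -S; a non-zero exit status means at least one address still needs an alias configured.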