Hello, I have tested giving a valid IP address to -S, and the source address remains the actual IP address and not the given. So, not really sure about the purpose of -S.
Thanks, Chandra. > From: Srinivasa NL [mailto:nl.srini...@gmail.com] > Sent: Tuesday, November 03, 2009 9:59 PM > To: Chandrashekhar B > Cc: Tim Brown; openvas-devel@wald.intevation.org; Jan-Oliver Wagner > Subject: Re: [Openvas-devel] openvasd -S option > > > Hi, > I am reopening the -S option issue. > I am still not clear about the purpose of -S option. The addresses supplied along with > -S option are "randomly" chosen and the sever binds to that chosen address. I don't know >>> how >this is useful when server is multi-homed or you want to spoof address to get around > firewalls.Also I haven't really checked whether the connection goes through when you give > "any" legal ipv4 address. -----Original Message----- From: openvas-devel-boun...@wald.intevation.org [mailto:openvas-devel-boun...@wald.intevation.org] On Behalf Of Tim Brown Sent: Friday, September 04, 2009 8:12 PM To: openvas-devel@wald.intevation.org Cc: 'Jan-Oliver Wagner' Subject: Re: [Openvas-devel] openvasd -S option On Friday 04 September 2009 15:35:57 Geoff Galitz wrote: >> Changing the source IP is frequently used for IDS evasion and spoofing the >> address of another system or network to get around firewall rules. >> Typically the spoofing does not work so well with TCP connections, but is >> more effective with UDP scans. If the scanner was on the same local >> network as the target the TCP spoofed scan would stand a better chance of >> success (since the MAC address would still be intact). >> >> I think it would be useful to retain this feature. It is good for auditing >> firewall and IDS systems. > Also useful it you have a multi homed machine and want to force traffic down a > specific interface irrespective of routes. This looks to be the real purpose! Chandra. _______________________________________________ Openvas-devel mailing list Openvas-devel@wald.intevation.org http://lists.wald.intevation.org/mailman/listinfo/openvas-devel _______________________________________________ Openvas-devel mailing list Openvas-devel@wald.intevation.org http://lists.wald.intevation.org/mailman/listinfo/openvas-devel
