;
Gaziel
- -Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: ?? 17 ?? 2001 18:15?
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: RE: nmap-spoofing-question
> when you include spoofed addresses you should include a real ip
> address that you want a r
When using this command, the IP snort spits out is always the one given with
"-S", but in the /var/log/messages i can see a lookup for the real IP of the
machine which is doing the scan. So I don't really believe, that it's binding
another one. I tried to have a closer look in the headers with sno
Perhaps it binds another IP to the card if you use those 2 options. In linux
(dunno about windows) it's very easy to have 1 ethernetcard listen to more
than 1 ip address. If you use that option try to see if the box responds to
the IP you gave by pinging it.
(BTW it says YOUR IP so you're NOT
s.
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Saturday, September 15, 2001 3:24 PM
To: [EMAIL PROTECTED]
Subject: nmap-spoofing-question
Hi all.
I hope anybody can help me with this little question. How is it possible
to get
the scanning-results with nmap, wh
September 16, 2001 12:23 AM
Subject: nmap-spoofing-question
> Hi all.
>
> I hope anybody can help me with this little question. How is it possible
to get
> the scanning-results with nmap, when I spoof the address? I thought, that
if a
> computer gets a syn-packet or whatever, it
> when you include spoofed addresses you should include a real ip address that
> you want a reply to come back to. man nmap for more information about using
> the decoy option.
Hmm. That's clear, but why does the "-S"-option work? When I use this option
together with the "-e" I get back the resu
: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Saturday, September 15, 2001 10:24 AM
To: [EMAIL PROTECTED]
Subject: nmap-spoofing-question
Hi all.
I hope anybody can help me with this little question. How is it possible to
get
the scanning-results with nmap, when I spoof the address? I thought
i think youre referring to nmap's decoy option (-D).
true, you will only receive the packets destined for your ip. but your ip _and_ the
decoy ip/ip's you provided show up in a log file, instead of _just_ your ip. this
makes it more difficult for someone examining a log file to tell where the s
Hi.
All my apologies to the people who have spent their time answering my question.
I've asked my question not precisely enough... (uuhm... oops)
What I really meant were the options "-S" and "-e". Why do I get answers from
machines I've scanned when using these options? Is my real IP-address inc
Hi all.
I hope anybody can help me with this little question. How is it possible to get
the scanning-results with nmap, when I spoof the address? I thought, that if a
computer gets a syn-packet or whatever, it sends its syn-ack or whatever back to
the ip which sent the syn or any other kind of pa
10 matches
Mail list logo
