-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Try and sniff on a box while scanning it with the -D option,
The "spoofing" technique used here is not really impersonating as
someone else but
making yourself a few other people.
of course this option will only work on someone who hasn't researched
the -D option,
never uses any scanners and/or understands what this things are used
for(i.e script kiddies):
your question has nothing 2 do with Nmap but with how tcp/ip works.
A clue: try and see who is the first to communicate with the scanned
box amongst the "Decoys"
Gaziel
- -----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: ?? 17 ?????? 2001 18:15?
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: RE: nmap-spoofing-question
> when you include spoofed addresses you should include a real ip
> address that you want a reply to come back to. man nmap for more
> information about using the decoy option.
Hmm. That's clear, but why does the "-S"-option work? When I use this
option
together with the "-e" I get back the results from the scanned
machine. Is my
real address included in the tcp- or ip-headers? I tried these
options and
sniffed while scanning my local network and could not find any of my
real
addresses which where scanning. Just the ones I used with the
"-S"-option.
That's what I don't understand.
But thanks anyway, because I didn't know the decoy-option :-)
Chris
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com>
iQA/AwUBO63x5QB7QABY1GEJEQKF0wCfSGRXvgqP2Ot+pT7WgyjcYNh/BeMAoOZX
nITnxnD6gSxgEY/cWcTThoNi
=MvIw
-----END PGP SIGNATURE-----
*****************************************************************************
The information in this email is confidential and may be legally privileged.
It is intended solely for the addressee. Access to this email by anyone else
is unauthorized.
If you are not the intended recipient, any disclosure, copying, distribution
or any action taken or omitted to be taken in reliance on it, is prohibited
and may be unlawful. When addressed to our clients any opinions or advice
contained in this email are subject to the terms and conditions expressed in
the governing KPMG client engagement letter.
*****************************************************************************
