Try nmap -vv -sS -P0 <some_target_host> -D w.w.w.w,x.x.x.x,y.y.y.y,z.z.z.z This will print output in verbose mode while doing a Half-Open SYN Scan not requiring a ping response from the target using whatever -D (decoy) addresses you specify. There are lots of great examples in the man pages for nmap as well.
Good Luck, Clay Dillard Sr. Partner, Information Security SecureSpeed Information Systems --------------------------------------------------------------------- www.securespeed.cc --------------------------------------------------------------------- ----- Original Message ----- From: <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Tuesday, November 20, 2001 1:35 AM Subject: Using Nmap to send Spoofed packets > Hey people, > > I read an article at http://www.sans.org/top20.htm that said that ontop of > the portscanning abilities of nmap, it also has the functionality to "send > decoy packets or spoofed packets to test for" spoofed IP filtering (at the > routers and firewall). > > Although I have used Nmap to for the obvious, I am interested of how to > execute this functionality to test for, or if the anti-spoofing ACL/FW > drop filters are inplace for internal, reserved, mulitcast, and RFC1918 > addresses. > > Any help appreciated... :) > > Regards, > Nick >
