From: Marius Huse Jacobsen (mahuja@c2i.net)
Date: Mon Feb 13 2006 - 18:26:32 EST
-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160
Mark Fosseth wrote:
| In terms of probing IPs which is the difference between scanning an host
| spoofing the source IP via -S option or scanning through an idle scan
| via the -sI option beside perspetive of course ?
| I performed a normal -sS scan and later I issued the same command and
| option using also -S but despiting the fact the command started
| correctly I had no results even if the spoofed IP was online. Do you
| have an idea what I am missing ?
- -S sets the "self" address, -sI sets an "idlehost" address. And there's
the "target" address.
In a -sS scan, it sends packets [from self to target], and tries to read
for any [target to self] packets. The returning packets must pass by
your interface(s) on their way to the "self" address.
In a -sI scan, it sends packets [from idle to target] and [self to
idle]. It never registers [target to idle] replies, but tries to detect
them based on what it finds in the [idle to self] replies.
Rookie... Shouldn't last too long, I hope. :P
M.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (MingW32)
iD8DBQFD8RWol9nYJJam7WsRA6vpAKCbAXkAwAyGVROwQyRUy4tC5pZuZQCfZ6Oy
VonxArfrh5LtB1vLEIQ1NmM=
=wsnC
-----END PGP SIGNATURE-----
------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:
Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:31 EDT