Spoofing or packet forgery is seperately implemneted in NASL. Targets auditing is done using those functions. -S option is for the server. I am not able to realize the need for server to spoof.
Jan: Can you point to some links from google? Thanks, Chandra. -----Original Message----- From: openvas-devel-boun...@wald.intevation.org [mailto:openvas-devel-boun...@wald.intevation.org] On Behalf Of Geoff Galitz Sent: Friday, September 04, 2009 8:06 PM To: 'Jan-Oliver Wagner'; openvas-devel@wald.intevation.org Subject: Re: [Openvas-devel] openvasd -S option Changing the source IP is frequently used for IDS evasion and spoofing the address of another system or network to get around firewall rules. Typically the spoofing does not work so well with TCP connections, but is more effective with UDP scans. If the scanner was on the same local network as the target the TCP spoofed scan would stand a better chance of success (since the MAC address would still be intact). I think it would be useful to retain this feature. It is good for auditing firewall and IDS systems. -geoff --------------------------------- Geoff Galitz Blankenheim NRW, Germany http://www.galitz.org/ http://german-way.com/blog/ > -----Original Message----- > > though I never used this option, I am not convinced this > is not needed at all. Various special cases seem to need it, > google says. > ... _______________________________________________ Openvas-devel mailing list Openvas-devel@wald.intevation.org http://lists.wald.intevation.org/mailman/listinfo/openvas-devel _______________________________________________ Openvas-devel mailing list Openvas-devel@wald.intevation.org http://lists.wald.intevation.org/mailman/listinfo/openvas-devel
