-----Original Message----- From: openvas-devel-boun...@wald.intevation.org [mailto:openvas-devel-boun...@wald.intevation.org] On Behalf Of Tim Brown Sent: Friday, September 04, 2009 8:12 PM To: openvas-devel@wald.intevation.org Cc: 'Jan-Oliver Wagner' Subject: Re: [Openvas-devel] openvasd -S option
On Friday 04 September 2009 15:35:57 Geoff Galitz wrote: >> Changing the source IP is frequently used for IDS evasion and spoofing the >> address of another system or network to get around firewall rules. >> Typically the spoofing does not work so well with TCP connections, but is >> more effective with UDP scans. If the scanner was on the same local >> network as the target the TCP spoofed scan would stand a better chance of >> success (since the MAC address would still be intact). >> >> I think it would be useful to retain this feature. It is good for auditing >> firewall and IDS systems. > Also useful it you have a multi homed machine and want to force traffic down a > specific interface irrespective of routes. This looks to be the real purpose! Chandra. _______________________________________________ Openvas-devel mailing list Openvas-devel@wald.intevation.org http://lists.wald.intevation.org/mailman/listinfo/openvas-devel
