Hi,

I am reopening the -S option issue. I am still not clear about the purpose of the -S option. The addresses supplied along with the -S option are "randomly" chosen and the server binds to that chosen address. I don't know how this is useful when the server is multi-homed or you want to spoof an address to get around firewalls. Also, I haven't really checked whether the connection goes through when you give "any" legal IPv4 address.

Kind Regards,
Srinivas.

On Fri, Sep 4, 2009 at 8:26 PM, Chandrashekhar B <bchan...@secpod.com> wrote:

> -----Original Message-----
> From: openvas-devel-boun...@wald.intevation.org
> [mailto:openvas-devel-boun...@wald.intevation.org] On Behalf Of Tim Brown
> Sent: Friday, September 04, 2009 8:12 PM
> To: openvas-devel@wald.intevation.org
> Cc: 'Jan-Oliver Wagner'
> Subject: Re: [Openvas-devel] openvasd -S option
>
> On Friday 04 September 2009 15:35:57 Geoff Galitz wrote:
> >> Changing the source IP is frequently used for IDS evasion and spoofing the
> >> address of another system or network to get around firewall rules.
> >> Typically the spoofing does not work so well with TCP connections, but is
> >> more effective with UDP scans. If the scanner was on the same local
> >> network as the target the TCP spoofed scan would stand a better chance of
> >> success (since the MAC address would still be intact).
> >>
> >> I think it would be useful to retain this feature. It is good for auditing
> >> firewall and IDS systems.
>
> > Also useful if you have a multi homed machine and want to force traffic down a
> > specific interface irrespective of routes.
>
> This looks to be the real purpose!
>
> Chandra.
>
> _______________________________________________
> Openvas-devel mailing list
> Openvas-devel@wald.intevation.org
> http://lists.wald.intevation.org/mailman/listinfo/openvas-devel
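
The behaviour discussed in this thread, as an added example that is not part of the original messages and is not openvasd code: one address is picked at random from a supplied list, the socket is bound to it before connecting, and the listener reports which source it saw. The function names are hypothetical, and 192.0.2.1 is a documentation address (RFC 5737) assumed not to be configured on the host, which shows what an ordinary `bind()` does with an address the machine does not own.

```python
import errno
import random
import socket

def connect_from(source_ip, dest, timeout=2.0):
    """TCP-connect to dest with the local end bound to source_ip first."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sock.settimeout(timeout)
    try:
        sock.bind((source_ip, 0))  # port 0: kernel picks an ephemeral port
        sock.connect(dest)
    except OSError:
        sock.close()
        raise
    return sock

def observed_source(candidates, rng=random):
    """Pick one candidate at random, connect to a loopback listener, and
    return (chosen address, source address the listener saw)."""
    chosen = rng.choice(candidates)
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as srv:
        srv.settimeout(2.0)
        srv.bind(("127.0.0.1", 0))
        srv.listen(1)
        with connect_from(chosen, srv.getsockname()):
            conn, peer = srv.accept()
            conn.close()
    return chosen, peer[0]

def bind_errno(source_ip):
    """Return the errno raised when binding to source_ip, or 0 on success."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as sock:
        try:
            sock.bind((source_ip, 0))
        except OSError as exc:
            return exc.errno
    return 0

if __name__ == "__main__":
    # Constructed sample input: a one-entry candidate list on loopback.
    print(observed_source(["127.0.0.1"]))
    # Assumption: 192.0.2.1 is not assigned to any local interface.
    print(errno.errorcode.get(bind_errno("192.0.2.1"), "bound"))
```

On a multi-homed host, putting two locally assigned addresses in the candidate list shows the listener-side source changing with the choice, which is the per-interface use mentioned in the quoted reply.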