You can use the decoy option (-D ). Read the man pages on nmap for more information. A side note is that you might also want to look at the -sI option for a truly blind scan. I have never used the latter so I can't give details.
>From: [EMAIL PROTECTED] >Reply-To: [EMAIL PROTECTED] >To: [EMAIL PROTECTED] >Subject: Using Nmap to send Spoofed packets >Date: Tue, 20 Nov 2001 14:35:08 +0800 > >Hey people, > >I read an article at http://www.sans.org/top20.htm that said that ontop of >the portscanning abilities of nmap, it also has the functionality to "send >decoy packets or spoofed packets to test for" spoofed IP filtering (at the >routers and firewall). > >Although I have used Nmap to for the obvious, I am interested of how to >execute this functionality to test for, or if the anti-spoofing ACL/FW >drop filters are inplace for internal, reserved, mulitcast, and RFC1918 >addresses. > >Any help appreciated... :) > >Regards, >Nick _________________________________________________________________ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp
