IMHO if your firewall is set up properly you will be able to block all the scanning packets. I know for a fact that freebsd's IPF is cabable of blocking the packets. and how to do it...well RTFMP. look under decoy
Hope this helps On Tue, Nov 20, 2001 at 02:35:08PM +0800, [EMAIL PROTECTED] wrote: > Hey people, > > I read an article at http://www.sans.org/top20.htm that said that ontop of > the portscanning abilities of nmap, it also has the functionality to "send > decoy packets or spoofed packets to test for" spoofed IP filtering (at the > routers and firewall). > > Although I have used Nmap to for the obvious, I am interested of how to > execute this functionality to test for, or if the anti-spoofing ACL/FW > drop filters are inplace for internal, reserved, mulitcast, and RFC1918 > addresses. > > Any help appreciated... :) > > Regards, > Nick
