April 2017
Intermediate to advanced
350 pages
8h 35m
English
Content preview from Applied Network Security
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
Spoofing and decoy scans
When we are scanning machines that are not ours, we often want to hide our IP (our identity). Obviously, every packet must contain our source address or else the response from the target system will not know where to return to. The same applies to spoofing our IP when using Nmap. We can spoof our IP address (-S) in Nmap, but as a result, any response and any info we are trying to gather will return to the spoofed IP. Not very useful if we are scanning in order to gather info. A better solution is to obfuscate our IP address. In other words, we bury our IP address among many IP addresses so that the network/security admin can't pinpoint the source of the scan. Nmap allows us to use decoy IP addresses so that it looks ...