nmap decoy and response packet

Post by NNT » Sat, 28 Jun 2003 00:39:02



I am trying to understand how the decoy option works under nmap.

Isn't it true that if you are port scanning someone with the decoy
option in nmap, the return packet log on the victim system can tell who's
receiving the information, and thus the hacker can be tracked down?

What the hell is the decoy option good for then?

 
 
 

Post by Jem Berke » Sat, 28 Jun 2003 01:20:51


> I am trying to understand how the decoy option works under nmap.
>
> Isn't it true that if you are port scanning someone with the decoy
> option in nmap, the return packet log on the victim system can tell who's
> receiving the information, and thus the hacker can be tracked down?
>
> What the hell is the decoy option good for then?

Slows down the investigation.

And makes the original attack look much more serious.

--
Jem Berkes
http://www.pc-tools.net/
Windows, Linux & UNIX software

 
 
 

Post by Keith W. McCammo » Sat, 28 Jun 2003 02:05:29


> What the hell is the decoy option good for then?

Testing.  Nmap is a tool for network administrators, remember?
 
 
 
