Re: Raw sockets vs connect() scanning on windows/linux
- From: "Robert E. Lee" <robert@xxxxxxxxxxxxx>
- Date: Mon, 15 Oct 2007 18:21:09 +0200
On Sun, 2007-10-14 at 18:45 -0700, Erin Carroll wrote:
On the linux side, anyone know which scanners modify the raw socket packet
creation to craft 60 byte packets to mimic exactly the typical connect()
packet to get around products which are smart enough to tell the difference
and change behaviors accordingly?
Unicornscan implements the -W option to mimic different OS's TCP stack
characteristics. It supports sending as a Cisco Router, openbsd,
WindowsXP, FreeBSD, nmap, or Linux stacks by default.
Robert
--
Robert E. Lee
Chief Security Officer
Outpost24 - One Step Ahead
http://www.outpost24.com
SE Phone: +46 40-627-1650
US Phone: +1 801-924-5902
email: robert@xxxxxxxxxxxxx
------------------------------------------------------------------------
This list is sponsored by: Cenzic
Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!
http://www.cenzic.com/downloads
------------------------------------------------------------------------
- References:
- Raw sockets vs connect() scanning on windows/linux
- From: Erin Carroll
- Raw sockets vs connect() scanning on windows/linux
- Prev by Date: Re: Raw sockets vs connect() scanning on windows/linux
- Next by Date: Executing PHP Code from MSSQL table
- Previous by thread: Re: Raw sockets vs connect() scanning on windows/linux
- Next by thread: Executing PHP Code from MSSQL table
- Index(es):
Relevant Pages
|
