NMAP Firewall IDS Evasion and Spoofing

dfredde's version from 2017-10-08 23:21

| Question | Answer |
| --- | --- |
| -f Example: nmap 192.168.1.1 -f | Requested scan (including ping scans) uses tiny fragmented IP packets. Harder for packet filters |
| --mtu Example: nmap 192.168.1.1 --mtu 32 | Set your own offset size |
| -D Example: nmap -D 192.168.1.101,192.168.1.102,192.168.1.103,192.168.1.23 192.168.1.1 | Send scans from spoofed IPs |
| -D Example: nmap -D decoy-ip1,decoy-ip2,your-own-ip,decoy-ip3,decoy-ip4 remote-host-ip | Send scans from spoofed IPs |
| -S Example: nmap -S www.microsoft.com www.facebook.com | Scan Facebook from Microsoft (-e eth0 -Pn may be required) |
| -g Example: nmap -g 53 192.168.1.1 | Use given source port number |
| --proxies Example: nmap --proxies http://192.168.1.1:8080,http://192.168.1.2:8080 192.168.1.1 | Relay connections through HTTP/SOCKS4 proxies |
| --data-length Example: nmap --data-length 200 192.168.1.1 | Appends random data to sent packets |

Example IDS Evasion Command

| Question | Answer |
| --- | --- |
| nmap -f -T 0 -n -Pn --data-length 200 -D 192.168.1.101,192.168.1.102,192.168.1.103,192.168.1.23 192.168.1.1 | Example IDS Evasion command |