[12860] in bugtraq


Re: idlescan (ip.id portscanner)

daemon@ATHENA.MIT.EDU (marvin@NSS.NU)
Mon Dec 6 14:13:03 1999

Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Message-Id:  <Pine.LNX.4.05.9912041802210.6557-100000@marvin.junknet>
Date:         Sat, 4 Dec 1999 18:38:32 +0000
Reply-To: marvin@NSS.NU
From: marvin@NSS.NU
X-To:         LiquidK <liquidk@SUPERBOFH.ORG>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To:  <19991203192045.A7864@superbofh.org>

On Fri, 3 Dec 1999, LiquidK wrote:

>	I haven't seen any practical implementation of the scan, so I decided
>to write one to see how usable the method is in the real world. I reached
>the conclusion that this method is indeed quite usable (although a little slow
>to account for packet propagation time).

And here's mine. :-)

This one compiles on my system, yours didn't (yes, it was linux with
libnet and glibc).

A few notes:
0) Default is to send null packets for echoing, some firewalls block
   them. Override with -F<flags>.
1) Lots of options. All nice.
2) Use -e instead of -o 256 if silent host is Windows.
3) It's script-puppy safe. Fix the (one-line) "bug" and get a free
   portscanner!

ftp://ftp.nss.nu/pub/thompa/evil_stuff/ipidscan-0.1beta1.tar.gz
(requires libnet and libpcap)
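The mechanics behind the two posts, as an added example that is not part of the original thread and not code from ipidscan or LiquidK's tool: an offline simulation of the idle (IP ID) scan exchange, with the "silent" host's counter, the target's reply to the spoofed SYN, and the scanner's before/after comparison. The probe sent to the silent host only has to draw a reply (an RST), which is why the choice of probe flags matters when a firewall drops some of them. The Windows case is modelled as a counter written little-endian, so the raw wire IDs move in steps of 256; handling it either by swapping the bytes (what I take "-e" to mean) or by expecting a step of 256 (what I take "-o 256" to mean) is an assumption about the tool's flags, not something the post states. The byte-swap approach also survives the low byte carrying over, which a fixed step of 256 does not. The class and function names (`Zombie`, `Target`, `idle_scan`, `demo`) and all port numbers are made up for the example.

```python
import struct

IPID_MASK = 0xFFFF


def swap16(value):
    """Swap the two bytes of a 16-bit field (network vs. host byte order)."""
    return struct.unpack('<H', struct.pack('>H', value & IPID_MASK))[0]


class Zombie:
    """Simulated 'silent' host. Every packet it sends consumes one IP ID,
    and the scanner only ever sees the ID as it appears on the wire."""

    def __init__(self, start_id=1000, windows=False):
        self.counter = start_id & IPID_MASK
        self.windows = windows

    def _emit(self):
        wire_id = self.counter
        self.counter = (self.counter + 1) & IPID_MASK
        # Assumed model of the Windows case: the counter is written in host
        # (little-endian) order, so the scanner sees its bytes swapped and
        # consecutive packets appear 256 apart.
        return swap16(wire_id) if self.windows else wire_id

    def on_probe(self):
        """The scanner's own probe draws a reply (an RST); return its IP ID."""
        return self._emit()

    def on_syn_ack(self):
        """Unsolicited SYN/ACK from the target: the zombie answers with RST."""
        self._emit()

    def on_rst(self):
        """Unsolicited RST from the target is dropped; no IP ID is consumed."""

    def background_traffic(self, packets):
        """Packets the zombie sends to third parties while we are scanning."""
        for _ in range(packets):
            self._emit()


class Target:
    def __init__(self, open_ports, filtered_ports=()):
        self.open_ports = set(open_ports)
        self.filtered_ports = set(filtered_ports)

    def on_spoofed_syn(self, port, zombie):
        """A SYN arriving with the zombie's address as its source."""
        if port in self.filtered_ports:
            return                      # silently dropped, nobody answers
        if port in self.open_ports:
            zombie.on_syn_ack()         # SYN/ACK is sent to the zombie
        else:
            zombie.on_rst()             # RST is sent to the zombie


def idle_scan(zombie, target, port, byteswap=False, step=1, background=0):
    """One idle-scan measurement. Returns (verdict, observed IP ID delta).

    byteswap=True undoes the assumed Windows byte order before comparing;
    step=256 instead expects raw wire IDs to move by 256 per packet.
    background models cross-traffic from a zombie that is not really idle."""
    id_before = zombie.on_probe()
    target.on_spoofed_syn(port, zombie)
    zombie.background_traffic(background)
    id_after = zombie.on_probe()
    if byteswap:
        id_before, id_after = swap16(id_before), swap16(id_after)
    delta = (id_after - id_before) & IPID_MASK
    if delta == 2 * step:
        return 'open', delta            # our probe + the zombie's RST to the SYN/ACK
    if delta == step:
        return 'closed|filtered', delta # only our probe consumed an ID
    return 'unknown', delta             # zombie not idle, or wrong step model


def demo():
    """Constructed scenarios; ports and counters are made up."""
    results = {}
    linux = Zombie(start_id=1000)
    tgt = Target(open_ports={22, 80}, filtered_ports={25})
    results['linux_open'] = idle_scan(linux, tgt, 22)
    results['linux_closed'] = idle_scan(linux, tgt, 23)
    results['linux_filtered'] = idle_scan(linux, tgt, 25)
    results['linux_busy'] = idle_scan(linux, tgt, 22, background=3)
    win = Zombie(start_id=1000, windows=True)
    results['win_swap'] = idle_scan(win, tgt, 80, byteswap=True)
    results['win_step'] = idle_scan(win, tgt, 80, step=256)
    # Low byte about to carry: 0x03FF -> 0x0400 appears on the wire as
    # 0xFF03 -> 0x0004, so a fixed step of 256 misreads a closed port.
    results['win_step_wrap'] = idle_scan(Zombie(0x03FF, windows=True), tgt, 23, step=256)
    results['win_swap_wrap'] = idle_scan(Zombie(0x03FF, windows=True), tgt, 23, byteswap=True)
    return results


if __name__ == '__main__':
    for name, (verdict, delta) in demo().items():
        print('%-14s %-16s delta=%d' % (name, verdict, delta))
```

A closed and a filtered port are indistinguishable here, since in both cases the zombie sends nothing extra; and any packet the zombie sends on its own between the two probes shifts the delta, which is the "slow" part LiquidK mentions: the scanner has to wait out propagation and retry when the silent host turns out not to be silent.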
