
-sI Idlescan


mahlah

Presentation Transcript


  1. -sI Idlescan
     • Greatest stealth of any nmap scan
       - Completely “blind” scanning
       - No packets are sent to target from machine running nmap
     • Investigate IP-based trust relationships of target network

  2. Idlescan technique
     • Exploits OSes that predictably increment their fragmentation ID numbers (IPID) whenever they send a packet
     • Zombie used to mask the original source of the scan must have this property
       - Excludes OpenBSD, Solaris, recent Linux
     • A Zombie candidate must also be “idle”
       - No network traffic during scan other than communication with nmap machine
       - nmap relies on the zombie's IPID number to determine how the target has responded to the zombie with respect to the forged portscan
     • Zombie must respond to a SYN/ACK packet with a RST packet, from which nmap derives the IPID
     • Nmap automatically tests reliability of zombie
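
The two zombie properties on slide 2 (predictable IPID, idle host) can be audited on hosts you administer by classifying the IPID values seen in their replies. This is an added example, not part of the presentation; the function names, the `max_step` threshold and the sample values (documentation addresses, constructed IPIDs) are assumptions.

```python
"""Classify IPID behaviour from IPIDs observed in successive replies of a host.

Input is a list of 16-bit IPID values already captured (e.g. from a pcap of
your own hosts); nothing here sends packets. Sample data is constructed.
"""

def ipid_deltas(ipids):
    """Differences between consecutive IPIDs, wrapping at 16 bits."""
    return [(b - a) % 65536 for a, b in zip(ipids, ipids[1:])]

def classify_ipid(ipids, max_step=10):
    """Return one of: zero, constant, incremental-idle, incremental-busy,
    unpredictable. max_step is an assumed bound on 'small' increments."""
    if len(ipids) < 3:
        raise ValueError("need at least 3 samples")
    if all(v == 0 for v in ipids):
        return "zero"                      # field not used as a counter
    deltas = ipid_deltas(ipids)
    if all(d == 0 for d in deltas):
        return "constant"
    if all(d == 1 for d in deltas):
        return "incremental-idle"          # global counter, no other traffic
    if all(1 <= d <= max_step for d in deltas):
        return "incremental-busy"          # global counter, host is talking
    return "unpredictable"                 # randomized or per-peer IPID

def predictable_hosts(samples):
    """Hosts whose IPID is a shared sequential counter: candidates for
    patching, replacement or ingress filtering."""
    return sorted(h for h, ids in samples.items()
                  if classify_ipid(ids).startswith("incremental"))

# Constructed samples keyed by documentation addresses (RFC 5737).
SAMPLES = {
    "192.0.2.10": [65534, 65535, 0, 1],      # wraps around, still +1 each
    "192.0.2.11": [100, 103, 104, 109],      # sequential but not idle
    "192.0.2.12": [0, 0, 0, 0],
    "192.0.2.13": [31337, 2048, 60001, 17],
}

if __name__ == "__main__":
    for host, ids in SAMPLES.items():
        print(host, classify_ipid(ids))
    print("predictable:", predictable_hosts(SAMPLES))
```
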
