Hi Curt, you are probably referring to hping, written by Antirez, that can perform spoofed portscans (using the ID field of IP datagrams). Check out http://www.kyuzz.org/antirez/hping.html for the tool, and http://www.securityfocus.org/templates/archive.pike?list=1&date=1998-12-15& msg=19981218074757.A990at_private for Antirez's original post about this scanning technique Hope this helps Al Curt Wilson <netw3at_private>@netw3.com on 13/06/2001 23.04.49 Sent by: netw3at_private To: pen-testat_private cc: (bcc: Alberto Revelli) Subject: Blind IP spoofing portscan tool? In the mailing for the Black Hat briefings, there is mention of a "blind IP spoofing portscan tool" or something along those lines. I'm curious about this tool, what is it's name and what is the mechanism by which it works? I'd guess that it's something involving other elements of the IP stack or some tool that uses a 3rd party system to check IP ID's, sequence numbers, ICMP responses or something along those lines. I'd be interested to know more information, please share if you have this knowledge. PS - I'm moving to Chicago soon and looking for a good security job, anyone got any leads? Curt Wilson netw3at_private +-------------------------------------------------------------+ | This message may contain confidential and/or privileged | | information. If you are not the addressee or authorized to | | receive this for the addressee, you must not use, copy, | | disclose or take any action based on this message or any | | information herein. If you have received this message in | | error, please advise the sender immediately by reply e-mail | | and delete this message. Thank you for your cooperation. | +-------------------------------------------------------------+
This archive was generated by hypermail 2b30 : Thu Jun 14 2001 - 10:33:31 PDT