Hi All, I was wondering about the decoy scan in nmap. Is there a way to tell which host in a decoy scan is the real host? I found a post by Dug Song (http://www.geek-girl.com/ids/1999/0057.html), but these methods won't work anymore. First, as Dug Song said nmap now randomizes the ttl fields, and secondly you can't narrow it down to a host that can run nmap, because nmap can now be run on Windows systems as well. Ryan Spangler http://www.packetwatch.net ---------------------------------------------------------------------------- <Pre>Do you know the base address of the Global Offset Table (GOT) on a Solaris 8 box? CORE IMPACT does.</Pre> <A href="http://www.securityfocus.com/core"> http://www.securityfocus.com/core>
This archive was generated by hypermail 2b30 : Sun Mar 02 2003 - 21:29:12 PST