Loose source routing for remote host discovery

From: Oliver Enzmann (oliverat_private)
Date: Thu May 08 2003 - 07:02:12 PDT


    Hello,
    
    I need to discover hosts and services on remote subnets using nmap or similar. 
    However, routes to/from some of these subnets have local significance only 
    and are therefore not redistributed into the global routing tables. The lack 
    of complete routing tables obviously causes end-to-end layer 3 connectivity 
    and scanning of these subnets to fail.  
    
    What I need is a way to use loose source routing in combination with nmap - 
    a way to mangle packets and add loose source routing information to the IP 
    options before nmap's packets are sent out to the wire. 
     
    I've looked at netcat (-g option to add source routing information) but I 
    would prefer to use nmap for the actual scanning. Also, hping2-rc2 seems to
    support source routing but I haven't tried it yet mainly because nmap is the 
    tool of choice. 
    
    This is on Linux with kernel 2.4. Netfilter or iproute2 tricks would be 
    definite possibilities.
    
    TIA, Oliver
    -- 
    Unix is sexy: "unzip", "strip", "touch", "mount", "sleep".
    
    
    



    This archive was generated by hypermail 2b30 : Thu May 08 2003 - 10:40:17 PDT