
Thread: BuYS - Question on NMap (-sI)

  1. #1
    Super Commando Dhruv abhaythehero's Avatar
    Join Date
    Sep 2010
    Location
    Lucknow/Pune,India
    Posts
    466
    Blog Entries
    2

    Post BuYS - Question on NMap (-sI)

    Sorry guys, totally forgot about this one!

    Read the rules here >> http://www.garage4hackers.com/showth...skills-Ver-2.0

    PM me to give the answers. After sufficient responses or after the time frame, I will post them here.

    Question :

    Code:
    # nmap -v -sI 192.168.0.20 192.168.0.55 -PN
    • 192.168.0.20 is?
    • 192.168.0.55 is?
    • What type of nmap scanning is this?
    • Why is -PN used?


    Time frame : 3 days
    Last edited by abhaythehero; 03-16-2011 at 08:18 AM.
    In the world of 0s and 1s, are you a zero or The One !

  2. #2
    Security Researcher fb1h2s's Avatar
    Join Date
    Jul 2010
    Location
    India
    Posts
    616
    Blog Entries
    32
    Hey, let the time frame be 24 hours. That way we could get more questions

    Check your PM, I have answered
    Hacking Is a Matter of Time Knowledge and Patience

  3. #3
    Super Commando Dhruv abhaythehero's Avatar
    K .. I am posting the answer

    prashant's answer >>


    I think it's an idle scan; I had read about it in b0nd bro's post. It's used to carry out a stealth scan which cannot be caught. This type of scan is tough to launch as it requires a zombie host too. PN is used when pings are blocked by a firewall, so as to check the availability of the target when it seems to be dead from a normal scan.

    * I think the first IP address is of the zombie host and the second one is the target host.

    fb1h2s' answer >>

    192.168.0.20 is zombie ip
    0.55 target
    -PN ping not "won't ping the host", helps in case of a few firewall rules

    s is for zombieeee, uses a spoofed IP address as a decoy

    What type of scan: well, version (banner grabbing) is checked so definitely a full scan

    192.168.0.20 is zombie station.

    192.168.0.55 is the target station to be scanned (which can be behind a firewall).

    This type of nmap scanning is called Idlescan, where the increase in IPID values is calculated to know whether a port on the target is open or not.

    (Screenshots from Prof Messer Nmap secret training)

    -PN is for not pinging the target directly at any time in the scanning process.

    Thanks for answering guys and thanks to b0nd for pointing out that -P0 is deprecated now.

    Well turn for someone else now to ask a question
    In the world of 0s and 1s, are you a zero or The One !
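
How the IPID increase in the answer above maps to a port state, as an added offline simulation (not code from the thread or from Nmap). The `Host` class, the policy names and the `max_step` cut-off are assumptions made for illustration; no packets are sent.

```python
"""Offline model of the IP ID side channel behind an idle scan (constructed)."""
import random

class Host:
    """Hypothetical host; 'policy' decides how it picks each packet's IP ID."""
    def __init__(self, policy="incremental", seed=0):
        self.policy = policy
        self.rng = random.Random(seed)
        self.ipid = self.rng.randrange(0x10000)

    def send(self):
        """Emit one packet and return its 16-bit IP ID."""
        if self.policy == "incremental":   # one global counter: predictable
            self.ipid = (self.ipid + 1) & 0xFFFF
        else:                              # "random": fresh ID per packet
            self.ipid = self.rng.randrange(0x10000)
        return self.ipid

def probe_round(zombie, port_open, background_packets=0):
    """One round against one port; returns the IP ID increase observed."""
    before = zombie.send()        # zombie answers the first probe
    if port_open:
        zombie.send()             # target's SYN/ACK draws a RST from the zombie
    # closed or filtered: the zombie gets a RST or nothing, and sends nothing
    for _ in range(background_packets):
        zombie.send()             # unrelated traffic from a host that is not idle
    after = zombie.send()         # zombie answers the second probe
    return (after - before) & 0xFFFF

def classify(delta):
    """Increase of 2 means open, 1 means closed or filtered, else no verdict."""
    return {1: "closed|filtered", 2: "open"}.get(delta, "unreliable")

def ipid_policy(samples, max_step=16):
    """Audit helper: label a host from IP ID samples (max_step is an assumed cut-off)."""
    deltas = [(b - a) & 0xFFFF for a, b in zip(samples, samples[1:])]
    if all(d == 0 for d in deltas):
        return "constant"
    if all(0 < d <= max_step for d in deltas):
        return "incremental"      # predictable: could serve as a zombie
    return "randomized"           # side channel closed

if __name__ == "__main__":
    idle = Host("incremental", seed=1)
    print(classify(probe_round(idle, port_open=True)))
    print(classify(probe_round(idle, port_open=False)))
    print(classify(probe_round(idle, port_open=True, background_packets=3)))
    rnd = Host("random", seed=2)
    print(ipid_policy([rnd.send() for _ in range(6)]))
```

A host that `ipid_policy` labels `randomized` or `constant` gives an observer no usable increase, which is the property to look for when auditing your own machines.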

  4. #4
    Security Researcher fb1h2s's Avatar
    Hey, I got a doubt: how does nmap check the version when only a half-SYN scan is done? Someone please clear this doubt.

    I will delete this doubt question right after I get some help

  5. #5
    Super Commando Dhruv abhaythehero's Avatar
    how does nmap check the version when a half -syn scan only is done,
    Do you mean the version of OS/Application/Service? :O
    Only open ports can be detected by this method. OS fingerprinting, application and services detection is not possible by this method.

  6. #6
    Version detection will use a full tcp connect. That's the reason it's a separate option.
    You always have wireshark to prove it to yourself.

    And why would you want to delete your post. It's always helpful to others.
    Last edited by webdevil; 03-17-2011 at 01:47 AM.

  7. #7
    ... I am no Expert b0nd.g4h@gmail.com b0nd's Avatar
    Join Date
    Jul 2010
    Location
    irc.freenode.net #g4h
    Posts
    744
    Quote Originally Posted by webdevil
    And why would you want to delete your post. It's always helpful to others.
    Right.

    To keep things clean, a separate sub forum has been created for such active discussions. Dedicate a new thread to every new question. Hence no need to delete any "doubt" or cross question under the concern of keeping forum clean. Shoot as many as you can


    Rgds
    [*] To follow the path: look to the master, follow the master, walk with the master, see through the master,
    ------> become the master!!! <------
    [*] Everyone has a will to WIN but very few have the will to prepare to WIN
    [*] Invest yourself in everything you do, there's fun in being serious

  8. #8
    Security Researcher fb1h2s's Avatar
    Oh OK, a separate thread for each discussion, that's fine then, so doubts could still be here

    So we use a decoy for being anonymous and a half scan is done, but then when we use the -V flag the point of doing a spoofed scan becomes pointless, right??

  9. #9
    ... I am no Expert b0nd.g4h@gmail.com b0nd's Avatar
    Quote Originally Posted by fb1h2s View Post
    Oh OK, a separate thread for each discussion, that's fine then, so doubts could still be here

    So we use a decoy for being anonymous and a half scan is done, but then when we use the -V flag the point of doing a spoofed scan becomes pointless, right??
    Though I am digging up an old thread, the intention is to clear up a few things so that beginners do not get confused.
    1. -v or -V are not -sV

    In the first thread '-v' is used which is for verbose output
    -V is to check the version of NMap
    -sV is for service detection

    Your point is valid Fb1. It doesn't make sense using decoy and doing service detection.

    Cheers!
