0

I'm just assessing the security of my home server in preparation for opening it up to the internet. I've used nmap from a machine on my local network but I have firewall rules allowing access from the local network so this reveals more than I think will be visible from the internet.

Is there any way to 'spoof' the address nmap is scanning from, so I can see what a potential attacker would see? Any Google search for that kind of thing yields a lot of very shady-looking websites...

Ben Hymers

3 Answers

2

Try ShieldsUp from Gibson Research. It'll do a simple scan with properly-formed packets, so not everything you might like to scan for. It's been around for years without any fishy reputation that I'm aware of, and the Gibson guy is also quite a character.

yukondude
2

It's right in the manual:

FIREWALL/IDS EVASION AND SPOOFING:
  -S <IP_Address>: Spoof source address
  -g/--source-port <portnum>: Use given port number
  --spoof-mac <mac address/prefix/vendor name>: Spoof your MAC address

(there are other useful options too)

Cristian Ciupitu
1

I remember learning Nmap and the decoy/zombie/idle/FTP scan techniques blew my mind with how clever they were. The idle scan has nice pictures to really understand it :D

http://nmap.org/book/man-port-scanning-techniques.html

http://nmap.org/book/man-bypass-firewalls-ids.html

http://nmap.org/book/idlescan.html

Rob Olmos