[Openvas-devel] openvasd -S option

Geoff Galitz geoff at galitz.org
Fri Sep 4 16:35:57 CEST 2009



Changing the source IP is frequently used for IDS evasion and spoofing the
address of another system or network to get around firewall rules.
Typically the spoofing does not work so well with TCP connections, but is
more effective with UDP scans.  If the scanner was on the same local network
as the target the TCP spoofed scan would stand a better chance of success
(since the MAC address would still be intact).  

I think it would be useful to retain this feature.  It is good for auditing
firewall and IDS systems.

-geoff

---------------------------------
Geoff Galitz
Blankenheim NRW, Germany
http://www.galitz.org/
http://german-way.com/blog/


> -----Original Message-----
> 
> though I never used this option, I am not convinced this
> is not needed at all. Various special cases seem to need it,
> google says.
> 
...



More information about the Openvas-devel mailing list