[Openvas-devel] openvasd -S option
Tim Brown
timb at openvas.org
Fri Sep 4 16:42:15 CEST 2009
On Friday 04 September 2009 15:35:57 Geoff Galitz wrote:
> Changing the source IP is frequently used for IDS evasion and spoofing the
> address of another system or network to get around firewall rules.
> Typically the spoofing does not work so well with TCP connections, but is
> more effective with UDP scans. If the scanner was on the same local
> network as the target the TCP spoofed scan would stand a better chance of
> success (since the MAC address would still be intact).
>
> I think it would be useful to retain this feature. It is good for auditing
> firewall and IDS systems.
Also useful it you have a multi homed machine and want to force traffic down a
specific interface irrespective of routes.
Tim
--
Tim Brown
<mailto:timb at openvas.org>
<http://www.openvas.org/>
More information about the Openvas-devel
mailing list