Firewall Bypass in Nmap
A few days back, one of the posts, Network mapping | CrazyEngineers, introduced the Nmap tool.
Well, now let's talk about how Nmap scanning can be done while evading a firewall. The results will be hugely different. Nmap has various flags for this purpose. Here I'm listing my frequently used ones.
- Using a FIN scan. Firewalls don't log a TCP acknowledgement, and hence using the flag -sF sends a FIN request.
- Using an Idle scan method with the flag -sI makes the scan very stealthy. One can exploit a trusted IP source. Read more about this at TCP Idle Scan (-sI) | Nmap Network Scanning
- Fragmenting packets with flag -f
- Spoof source IP address with -S
- Spoof a source port with -g
Well, what are your frequently used flags? Or are you interested in knowing about the firewall bypass list in Nmap? Read more at Firewall/IDS Evasion and Spoofing | Nmap Network Scanning
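
From the defender's side, the FIN scan (-sF), fragmentation (-f) and source-port (-g) options listed above each leave a recognisable pattern in packet logs. The following is an added example, not part of the original post; the log format, thresholds and addresses are constructed assumptions.

```python
from collections import defaultdict

FIN_PORT_THRESHOLD = 3   # assumed: distinct ports probed before alerting
TINY_FRAGMENT_BYTES = 8  # assumed: non-final fragments this small are abnormal

# Constructed records, not real traffic. Fields (hypothetical format):
# src sport dst dport tcp_flags ip_payload_len more_fragments
SAMPLE = """\
203.0.113.7 40112 10.0.0.5 22 F 20 0
203.0.113.7 40112 10.0.0.5 80 F 20 0
203.0.113.7 40112 10.0.0.5 443 F 20 0
198.51.100.9 53 10.0.0.5 3389 S 24 0
198.51.100.9 53 10.0.0.5 445 S 24 0
192.0.2.44 51000 10.0.0.5 80 - 8 1
192.0.2.44 0 10.0.0.5 0 - 8 1
10.0.0.8 50321 10.0.0.5 443 FA 20 0
10.0.0.9 50400 10.0.0.5 443 S 24 0
"""


def analyze(log_text):
    """Return {rule_name: set of source IPs} for three scan heuristics."""
    fin_ports = defaultdict(set)   # (src, dst) -> ports hit by bare FINs
    hits = defaultdict(set)
    for line in log_text.splitlines():
        if not line.strip():
            continue
        src, sport, dst, dport, flags, length, mf = line.split()
        sport, dport, length = int(sport), int(dport), int(length)
        # A normal close sends FIN together with ACK; a bare FIN is anomalous.
        if flags == "F":
            fin_ports[(src, dst)].add(dport)
        # Initial SYN from a privileged port: clients normally use
        # ephemeral ports, so this hints at a forced source port.
        if flags == "S" and sport < 1024:
            hits["low_source_port"].add(src)
        # Non-final fragment far smaller than any realistic path MTU.
        if mf == "1" and length <= TINY_FRAGMENT_BYTES:
            hits["tiny_fragment"].add(src)
    for (src, _dst), ports in fin_ports.items():
        if len(ports) >= FIN_PORT_THRESHOLD:
            hits["fin_scan"].add(src)
    return dict(hits)


if __name__ == "__main__":
    for rule, sources in sorted(analyze(SAMPLE).items()):
        print(rule, sorted(sources))
```

The low-source-port rule is a heuristic and will also match legitimate cases such as active-mode FTP data connections, so it should be tuned per network.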