Hi every one,
I have a Windows XP system with ZoneAlarm firewall installed.
I have 2 raspberry Pi computers with Nmap installed
I have been attempting to use one RPI to scan the XP system but I am trying to fool ZoneAlarm into thinking the scan came from another address.
So I have XP system on 192.168.0.18. ZoneAlarm installed.
RPI 1 on 192,168.0.13 - set as untrusted on ZoneAlarm
RPI 2 on 192.168.0.14 - set as trusted on ZoneAlarm
I ran a decoy scan from RPI 1 to the XP system. I get the results from the scan but ZoneAlarm knows the scan came from 192.168.0.13 and the IP shows up in the log.
I then tried a zombie scan from RPI 1 and an error is returned from Nmap saying 'Idle scan is unable to obtain meaningful results from proxy'
I have searched for the error but cannot get any meaningful result. Does the system I am using as the zombie or decoy need certain ports to be opened to allow this type of scan to work?
Any help much appreciatted.